Errors
Firewall Errors
You will get a network error if your API request is blocked by our firewall.
Generic
HTTP Status Code |
|
|---|
{
"error": "Request blocked by firewall",
"message": "Your request was blocked by our firewall. Please contact us if you believe this was in error."
}
API Key Used Client Side
HTTP Status Code |
|
|---|
{
"error": "Request blocked by firewall",
"message": "Your request was blocked by our firewall because your API key is being used client side. Verified API keys must only be used server side. Please contact us if you believe this was in error."
}
Never use Verified API keys client side. Only use them server side. Verified API keys allow you to source sensitive data about user, so you must keep them secure. This is why we require that you get clear user consent before calling our API and why we review your integration in Sandbox before giving you Production access. See our go live checklist for details.
If you use a Verified API key client side, our firewall will block your request, and you'll get a firewall error.
Rate Limit
HTTP Status Code |
|
|---|
{
"error": "Request blocked by firewall",
"message": "Your request was blocked by our firewall due to abnormally high request volume. Please contact us if you believe this was in error."
}
Application Errors
To handle application level errors (returned by Verified API endpoints), we recommend that you primarily use the response body's data.errorCode, which is a Verified specific error code. See Verified Error Codes below for descriptions of what each code means.
Error Type
This definition is also in Error in Types.
{
"name": string,
"message": string,
"code": number,
"className": string,
"data": {
"errorCode": string,
"additionalInputs": [string], // only for error code OCE011
"inputAttemptsExceeded": [string], // only for error code OCE019
"riskSignals": RiskSignals // only for error code OCE017
}
}
| Property | Type | Format | Description | Example |
|---|---|---|---|---|
name | string | PascalCase | Name of the error | "BadRequest" |
message | string | Sentence case | Message for developer that explains the error | "Additional information is required to source data for user: birthDate" |
code | number | 3 digits (0-9) | HTTP response status code | 400 |
className | string | kebab-case | Class of error | bad-request |
data.errorCode |
| 3 letters and 3 digits (0-9) | Verified error code | "OCE011" |
data.additionalInputs | [string] | camelCase | Additional inputs to source credentials for user, where multiple values indicates inclusive OR (only included for OCE011) | ["birthDate", "ssn4"] |
data.inputAttemptsExceeded | [string] | camelCase | Input(s) for which the attempts limit (3 for each input) has been exceeded (only included for OCE019) | ["birthDate", "ssn4"] |
data.riskSignals | RiskSignals | Object | Verified risk signals associated with the 1-Click Signup event | See RiskSignals example |
Example
{
"name": "BadRequest",
"message": "Additional information is required to source data for user: birthDate, ssn4"
"code": 400,
"className": "bad-request",
"data": {
"errorCode": "OCE011",
"additionalInputs": ["birthDate", "ssn4"], // inclusive OR: can pass either or both in next call
"riskSignals": {
"overall": {
"score": 0, // always enabled
"level": "low", // always enabled
"recommendation": "allow", // always enabled
"reasonCodes": [ // add on (ask Verified support to enable)
"OCR10021"
]
},
"phone": { // add on (ask Verified support to enable)
"carrier": {
"id": 0,
"name": "Example Carrier"
}
"reasonCodes": [
"OCR20004",
"OCR20005",
"OCR20007",
"OCR20101"
]
},
"email": { // add on (ask Verified support to enable)
"reasonCodes": [
"OCR60001",
"OCR60002"
]
}
}
}
}
Verified Error Codes
An errorCode is a Verified specific error code consisting of 3 letters and 3 numbers. Codes that begin with ERR are generic, and those that begin with OCE are specific to 1-Click Signup. (OCE refers to a One Click Error.)