Errors
Error handling, status codes, and error response structures
Common error codes and their meanings
The k0rdent API uses standard HTTP status codes and structured error responses to communicate failures clearly.
Error Response Structure
All error responses follow a consistent structure with the discriminated union envelope:
Error Object Fields
| Field | Type | Description |
|---|---|---|
code | string | Machine-readable error code |
message | string | Human-readable error description |
details | object | Additional context (optional) |
HTTP Status Codes
The k0rdent API uses the following HTTP status codes:
| Code | Usage |
|---|---|
200 | Success (GET, PATCH, DELETE) |
201 | Created (POST that creates resource) |
202 | Accepted (async operation started) |
204 | No Content (DELETE with no body) |
207 | Multi-Status (bulk operations) |
400 | Bad Request (validation error) |
401 | Unauthorized (no/invalid auth) |
403 | Forbidden (valid auth, no permission) |
404 | Not Found |
409 | Conflict (resource state conflict) |
422 | Unprocessable Entity (semantic error) |
429 | Too Many Requests (rate limited) |
500 | Internal Server Error |
Key Patterns
- Use
202 Acceptedfor all async operations (BMC, K8s interactions) - Use
207 Multi-Statusfor all batch operations (indicates partial success possible) - Use
409 Conflictfor invalid state transitions (e.g., provisioning an already-provisioned server) - Always include error codes in response body, not just HTTP status
Common Error Codes
The API uses machine-readable error codes in the error.code field:
| Code | HTTP Status | Description |
|---|---|---|
VALIDATION_ERROR | 400 | Request validation failed |
NOT_FOUND | 404 | Resource not found |
FORBIDDEN | 403 | Insufficient permissions |
UNAUTHORIZED | 401 | Invalid or missing authentication |
CONFLICT | 409 | Resource state conflict |
INVALID_STATE_TRANSITION | 409 | Cannot transition resource to target state |
POOL_CAPACITY_EXCEEDED | 409 | Not enough resources in pool |
QUOTA_EXCEEDED | 403 | Organization quota exceeded |
BMC_CONNECTION_FAILED | 500 | Cannot connect to BMC |
INTERNAL_ERROR | 500 | Unexpected server error |
Error Examples
Validation Error
Not Found Error
Invalid State Transition
Capacity Exceeded
Typed Error Classes
The k0rdent API implementation uses typed error classes for consistency:
AppError
Base error class for all application errors:
ValidationError
Used for request validation failures:
NotFoundError
Used when a resource cannot be found:
ForbiddenError
Used when the user lacks permission:
ConflictError
Used for resource state conflicts:
InvalidStateTransitionError
Used for invalid state transitions:
Bulk Operation Errors
Bulk operations use 207 Multi-Status with per-resource error details:
Note: Bulk operations always return success: true at the top level, with per-resource status in the results array.
Error Handling Best Practices
For API Consumers
- Check the
successfield - Use TypeScript discriminated unions for type safety - Log
requestId- Always log the request ID for debugging - Handle specific error codes - Don't rely solely on HTTP status codes
- Parse
detailsfield - Provides additional context for validation errors - Implement retries - For
500and429errors with exponential backoff
Example Client Code
Rate Limiting
Rate limit errors return 429 Too Many Requests with a Retry-After header indicating when to retry.
Check the Retry-After response header for the recommended retry delay in seconds.
Last updated on
How is this guide?