Lean responds with a 4XX status code when there is an error in the request, while a 500 indicates that something is wrong on our side. Please review the documentation for the specific API you want to use to see the structure of a 4XX or 500 error response.
All responses will provide a status that can be used to determine what to do using the following table.
Status | Code | Description |
---|---|---|
CERTIFICATE_TOKEN_MISMATCH | 401 | The mTLS certificate used for the API call is a valid certificate issued by Lean but does not match the certificate that is assigned to the application token you have provided in the header. |
CUSTOMER_ALREADY_EXISTS | 409 | A Lean customer object already exists for the app_user_id you have provided. |
INCORRECT_ACCESS_LEVEL | 403 | You are making a call to a service that you do not have the correct access permission levels for. |
INSUFFICIENT_ACCESS_LEVEL | 403 | You are making a call to the production endpoint whereas your application only has access to the sandbox environment. Make the same API call with sandbox.leantech.me/foo instead of api.leantech.me/foo. |
INTERNAL_SERVER_ERROR | 500 | This one's on us. Something has gone wrong in our system and you should let us know. |
INVALID_CERTIFICATE | 403 | The provided certificate is not valid. |
INVALID_HTTP_METHOD | 405 | The HTTP method used for the API call is incorrect but the URL is correct. You've likely used a GET instead of a POST or vice versa. |
INVALID_PARAMETERS | 400 | One or more parameters specified in the request body were invalid. This could be an unrecognized or misspelled key or an ill-formatted value. We are always trying to be more specific about which parameter was invalid, so you should contact us when you see this error so we can make a specific INVALID_[PARAMETERNAME] error for it. |
INVALID_URL | 404 | The URL specified for this request is invalid. Double check the spelling and whether you used the plural or singular of a noun. |
MISSING_PARAMETERS | 400 | A parameter required for this request was not specified. |
RATE_LIMIT_EXCEEDED | 429 | Too many of the exact same request hit our API too quickly. We recommend an exponential backoff when retrying requests. |
UNKNOWN_ACCOUNT | 404 | The account you specified in the request body cannot be found for the entity you specified. Use the Get Accounts endpoint to ensure that the account_id specified in the request matches one of the accounts for the entity. |
UNKNOWN_APP_TOKEN | 401 | The app_token specified in the header of the request is not recognized. You can check your app token in the Authentication page of your application dashboard. |
UNKNOWN_APP_USER | 404 | The app_user you are trying to retrieve the customer object for cannot be found in our system. Ensure that the app_user_id provided as a query parameter is formatted correctly. |
UNKNOWN_CUSTOMER | 404 | The customer specified in your request does not exist. |
UNKNOWN_ENTITY | 404 | The entity specified in your request does not exist or, when applicable, does not belong to the customer also specified in the query parameter. |
UNKNOWN_RESULTS_ID | 404 | The results_id specified in your query parameters does not exist. |
USER_PERMISSIONS_NOT_GRANTED | 403 | Your customer has not granted you permission to access the data you are requesting. You define the permissions asked for in the Link() flow in the SDK and you can query which permissions you asked for by using the Get Entity request. |
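
The following client-side handler is an added example, not code from Lean: it retries only on RATE_LIMIT_EXCEEDED with the exponential backoff the table recommends, and fails immediately on the certificate and app token statuses, since repeating a call with the same credentials cannot succeed. The `send` callable, the `status` key in the response body, the exception names and the `OK` value in the sample replies are assumptions made for illustration.

```python
import random
import time

# Statuses taken from the table above, grouped by the action they call for.
RETRYABLE = {"RATE_LIMIT_EXCEEDED"}
CREDENTIAL = {"CERTIFICATE_TOKEN_MISMATCH", "INVALID_CERTIFICATE", "UNKNOWN_APP_TOKEN"}


class LeanCredentialError(Exception):
    """Certificate or app token problem: retrying cannot help, fix the configuration."""


class LeanRequestError(Exception):
    """Any other 4XX/500 status, or a rate limit that outlasted every retry."""


def call_with_backoff(send, max_retries=5, base=0.5, cap=30.0,
                      sleep=time.sleep, rng=random.random):
    """Call send() until it succeeds, backing off only on RATE_LIMIT_EXCEEDED.

    send is a hypothetical callable returning (http_code, body_dict); the
    "status" key in the body is an assumption about the response layout.
    """
    for attempt in range(max_retries + 1):
        code, body = send()
        if code < 400:
            return body
        status = body.get("status", "UNKNOWN")
        if status in CREDENTIAL:
            raise LeanCredentialError(status)
        if status in RETRYABLE and attempt < max_retries:
            # Full jitter: wait a random time in [0, min(cap, base * 2^attempt)].
            sleep(rng() * min(cap, base * 2 ** attempt))
            continue
        raise LeanRequestError(f"{code} {status}")


if __name__ == "__main__":
    # Constructed responses: two rate-limit errors, then a success.
    replies = iter([(429, {"status": "RATE_LIMIT_EXCEEDED"}),
                    (429, {"status": "RATE_LIMIT_EXCEEDED"}),
                    (200, {"status": "OK"})])
    waits = []
    print(call_with_backoff(lambda: next(replies), sleep=waits.append), waits)
```

Treating the credential statuses as terminal also keeps a misconfigured certificate or token from generating a stream of failed authentication attempts against the API.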