Lean responds with 4XX errors when there is some error in the request while 500 indicates that something is wrong on our side. Please review the documentation on the specific API you want to use to see the structure of a 4XX or 500 error response.

All responses will provide a status that can be used to determine what to do using the following table.

CERTIFICATE_TOKEN_MISMATCH401The mTLS certificate used for the API call is a valid certificate issued by Lean but does not match the certificate that is assigned to the application token you have provided in the header.
CUSTOMER_ALREADY_EXISTS409A Lean customer object already exists for the app_user_id you have provided.
INCORRECT_ACCESS_LEVEL403You are making a call to a service that you do not have the correct access permission levels for.
INSUFFICIENT_ACCESS_LEVEL403You are making a call to the production endpoint whereas your application only has access to the sandbox environment. Make the same API call with sandbox.leantech.me/foo instead of api.leantech.me/foo.
INTERNAL_SERVER_ERROR500This one's on us. Something has gone wrong in our system and you should let us know.
INVALID_CERTIFICATE403The provided certificate is not valid.
INVALID_HTTP_METHOD405The HTTP method used for the API call is incorrect but the URL is correct. You've likely used a GET instead of a POST or vice versa.
INVALID_PARAMETERS400One or more parameters specified in the request body were invalid. This could be an unrecognized or misspelled key or an ill formatted value. We are always trying to be more specific with which parameter was invalid so you should contact us and tell us when you see this error so we can make a specific INVALID_[PARAMETERNAME] error for it.
INVALID_URL404The URL specified for this request is invalid. Double check the spelling and whether you used the plural or singular of a noun.
MISSING_PARAMETERS400A parameter required for this request was not specified.
RATE_LIMIT_EXCEEDED429Too many of the exact same request hit our API too quickly. We recommend an exponential backoff when retrying requests.
UNKNOWN_ACCOUNT404The account you specified in the request body cannot be found for the entity you specified. Use the Get Accounts endpoint to ensure that the account_id specified in the request matches one of the accounts for the entity.
UNKNOWN_APP_TOKEN401The app_token specified in the header of the request is not recognized. You can check your app token in the Authentication page of your application dashboard.
UNKNOWN_APP_USER404The app_user you are trying to retrieve the customer object for cannot be found in our system. Ensure that the app_user_id provided as a query parameter is formatted correctly.
UNKNOWN_CUSTOMER404The customer specified in your request does not exist.
UNKNOWN_ENTITY404The entity specified in your request does not exist or, when applicable does not belong to the customer also specified in the query parameter.
UNKNOWN_RESULTS_ID404The results_id specified in your query parameters does not exist.
USER_PERMISSIONS_NOT_GRANTED403Your customer has not granted you permission to access the data you are requesting. You define the permissions asked for in the Link() flow in the SDK and you can query which permissions you asked for by using the Get Entity request.