Lean responds with 4XX errors when there is some error in the request while 500 indicates that something is wrong on our side. Please review the documentation on the specific API you want to use to see the structure of a 4XX or 500 error response.

All responses will provide a status that can be used to determine what to do using the following table.

Status	Code	Description
CERTIFICATE_TOKEN_MISMATCH	401	The mTLS certificate used for the API call is a valid certificate issued by Lean but does not match the certificate that is assigned to the application token you have provided in the header.
CUSTOMER_ALREADY_EXISTS	409	A Lean customer object already exists for the app_user_id you have provided.
INCORRECT_ACCESS_LEVEL	403	You are making a call to a service that you do not have the correct access permission levels for.
INSUFFICIENT_ACCESS_LEVEL	403	You are making a call to the production endpoint whereas your application only has access to the sandbox environment. Make the same API call with sandbox.leantech.me/foo instead of api.leantech.me/foo.
INTERNAL_SERVER_ERROR	500	This one's on us. Something has gone wrong in our system and you should let us know.
INVALID_CERTIFICATE	403	The provided certificate is not valid.
INVALID_HTTP_METHOD	405	The HTTP method used for the API call is incorrect but the URL is correct. You've likely used a GET instead of a POST or vice versa.
INVALID_PARAMETERS	400	One or more parameters specified in the request body were invalid. This could be an unrecognized or misspelled key or an ill formatted value. We are always trying to be more specific with which parameter was invalid so you should contact us and tell us when you see this error so we can make a specific INVALID_[PARAMETERNAME] error for it.
INVALID_URL	404	The URL specified for this request is invalid. Double check the spelling and whether you used the plural or singular of a noun.
MISSING_PARAMETERS	400	A parameter required for this request was not specified.
RATE_LIMIT_EXCEEDED	429	Too many of the exact same request hit our API too quickly. We recommend an exponential backoff when retrying requests.
UNKNOWN_ACCOUNT	404	The account you specified in the request body cannot be found for the entity you specified. Use the Get Accounts endpoint to ensure that the account_id specified in the request matches one of the accounts for the entity.
UNKNOWN_APP_TOKEN	401	The `app_token` specified in the header of the request is not recognized. You can check your app token in the Authentication page of your application dashboard.
UNKNOWN_APP_USER	404	The app_user you are trying to retrieve the customer object for cannot be found in our system. Ensure that the app_user_id provided as a query parameter is formatted correctly.
UNKNOWN_CUSTOMER	404	The customer specified in your request does not exist.
UNKNOWN_ENTITY	404	The entity specified in your request does not exist or, when applicable does not belong to the customer also specified in the query parameter.
UNKNOWN_RESULTS_ID	404	The results_id specified in your query parameters does not exist.
USER_PERMISSIONS_NOT_GRANTED	403	Your customer has not granted you permission to access the data you are requesting. You define the permissions asked for in the Link() flow in the SDK and you can query which permissions you asked for by using the Get Entity request.