Skip to main content

Documentation

Troubleshooting Authentication and Authorization Errors

The following errors might occur when the user is first setting up scripts to send API requests to the Rapyd server address. They are differentiated by the values in the following fields:

  • error_code

  • message

UNAUTHORIZED_API_CALL (401)
    {
        "status": {
            "error_code": "UNAUTHORIZED_API_CALL",
            "status": "ERROR",
            "message": "",
            "response_code": "UNAUTHORIZED_API_CALL",
            "operation_id": "46aaac18-675b-4b60-9ebf-d77227c8a3ce"
        }
    }

Possible reasons:

  • The endpoint does not exist. Check your spelling.

  • You are using an unsupported HTTP method for the path, even if the path is correct.

    For example: get {{base_url}}/issuing/cards/activate

  • The endpoint requires a path parameter, but the value does not exist in the server and environment you are using.

    • Environment - Sandbox, production.

    • User - You are searching for data that exists, but it’s in someone else’s sandbox.

MISSING_AUTHENTICATION_HEADERS (400)
    {
        "status": {
            "error_code": "MISSING_AUTHENTICATION_HEADERS",
            "status": "ERROR",
            "message": "The request did not contain the required headers for authentication. The request was rejected. Corrective action: Add authentication headers.",
            "response_code": "MISSING_AUTHENTICATION_HEADERS",
            "operation_id": "6e752240-97c4-4238-8ace-1c5f2547ee53"
        }
    }

Possible reasons:

  • You are missing one or more of the following header parameters:

    • access_key

    • salt

    • timestamp

    • signature

  • You do not have a numeric value for timestamp.

UNAUTHENTICATED_API_CALL (401)

This generally means there is a problem with the header parameters.

Access Key Problem
    {
        "status": {
            "error_code": "UNAUTHENTICATED_API_CALL",
            "status": "ERROR",
            "message": "The request was rejected due to an authentication issue. Corrective action: Check the status of your account in the 'Account Details' page of the Client Portal.",
            "response_code": "UNAUTHENTICATED_API_CALL",
            "operation_id": "d183191e-9b61-411d-8b0b-ff13c634b14e"
        }
    }

Possible reasons:

  • The access_key is wrong.

  • The access_key was updated by the account owner in the Client Portal. Contact the account owner. If you have permissions to see the authentication keys in the Client Portal, navigate to Developers > API access control. Set the Sandbox toggle for the environment you want.

  • Your account was deactivated. Contact Customer Support as described in Creating a Customer Support Ticket.

Signature Problem
    {
        "status": {
            "error_code": "UNAUTHENTICATED_API_CALL",
            "status": "ERROR",
            "message": "The API received a request, but the signature did not match. The request was rejected. Corrective action: (1) Remove all whitespace that is not inside a string. (2) Remove trailing zeroes and decimal points, or wrap numbers in a string.",
            "response_code": "UNAUTHENTICATED_API_CALL",
            "operation_id": "8acfcd90-9bed-4090-88a9-afde33119bb1"
        }
    }

Possible reasons:

  • The value you sent for salt is not the same as what you used to calculate the signature.

  • The value you sent for timestamp is not the same as what you used to calculate the signature.

  • timestamp is more than 60 seconds before the actual time the request was sent.

  • There is an error in the way you calculated the signature.

  • You need to strip all the whitespace from the body, except spaces that are inside strings.

  • A numeric value in the body contains trailing zeroes that represent fractional values. Wrap the number in a string.

  • An integer numeric value in the body contains a trailing decimal point. Wrap the number in a string.

In this section: