Troubleshooting Authentication and Authorization Errors
The following errors might occur when the user is first setting up scripts to send API requests to the Rapyd server address. They are differentiated by the values in the following fields:
error_code
message
UNAUTHORIZED_API_CALL (401)
{ "status": { "error_code": "UNAUTHORIZED_API_CALL", "status": "ERROR", "message": "", "response_code": "UNAUTHORIZED_API_CALL", "operation_id": "46aaac18-675b-4b60-9ebf-d77227c8a3ce" } }
Possible reasons:
The endpoint does not exist. Check your spelling.
You are using an unsupported HTTP method for the path, even if the path is correct.
For example: get {{base_url}}/issuing/cards/activate
The endpoint requires a path parameter, but the value does not exist in the server and environment you are using.
Environment - Sandbox, production.
User - You are searching for data that exists, but it’s in someone else’s sandbox.
MISSING_AUTHENTICATION_HEADERS (400)
{ "status": { "error_code": "MISSING_AUTHENTICATION_HEADERS", "status": "ERROR", "message": "The request did not contain the required headers for authentication. The request was rejected. Corrective action: Add authentication headers.", "response_code": "MISSING_AUTHENTICATION_HEADERS", "operation_id": "6e752240-97c4-4238-8ace-1c5f2547ee53" } }
Possible reasons:
You are missing one or more of the following header parameters:
access_key
salt
timestamp
signature
You do not have a numeric value for
timestamp
.
UNAUTHENTICATED_API_CALL (401)
This generally means there is a problem with the header parameters.
Access Key Problem
{ "status": { "error_code": "UNAUTHENTICATED_API_CALL", "status": "ERROR", "message": "The request was rejected due to an authentication issue. Corrective action: Check the status of your account in the 'Account Details' page of the Client Portal.", "response_code": "UNAUTHENTICATED_API_CALL", "operation_id": "d183191e-9b61-411d-8b0b-ff13c634b14e" } }
Possible reasons:
The
access_key
is wrong.The
access_key
was updated by the account owner in the Client Portal. Contact the account owner. If you have permissions to see the authentication keys in the Client Portal, navigate to Developers > API access control. Set the Sandbox toggle for the environment you want.Your account was deactivated. Contact Customer Support as described in Creating a Customer Support Ticket.
Signature Problem
{ "status": { "error_code": "UNAUTHENTICATED_API_CALL", "status": "ERROR", "message": "The API received a request, but the signature did not match. The request was rejected. Corrective action: (1) Remove all whitespace that is not inside a string. (2) Remove trailing zeroes and decimal points, or wrap numbers in a string.", "response_code": "UNAUTHENTICATED_API_CALL", "operation_id": "8acfcd90-9bed-4090-88a9-afde33119bb1" } }
Possible reasons:
The value you sent for
salt
is not the same as what you used to calculate the signature.The value you sent for
timestamp
is not the same as what you used to calculate the signature.timestamp
is more than 60 seconds before the actual time the request was sent.There is an error in the way you calculated the signature.
You need to strip all the whitespace from the body, except spaces that are inside strings.
A numeric value in the body contains trailing zeroes that represent fractional values. Wrap the number in a string.
An integer numeric value in the body contains a trailing decimal point. Wrap the number in a string.