Error Codes
Authentication Errors
Error codes for login, JWT token, permission, and rate limit issues.
Errors related to login, JWT token validation, permissions, and rate limiting.
| Code | HTTP | Message | Scenario | Resolution |
|---|---|---|---|---|
AUTH_001 | 401 | Invalid credentials | Wrong username or password | Verify API credentials from your onboarding package |
AUTH_002 | 401 | Token expired | JWT token has exceeded its 24-hour TTL | Call /auth/login to obtain a fresh token |
AUTH_003 | 401 | Invalid token | JWT is malformed, tampered, or not properly signed | Obtain a new token via /auth/login |
AUTH_004 | 403 | Insufficient permissions | The API endpoint is not allowed for your role | Contact M2P to verify API access permissions |
AUTH_005 | 401 | Session expired | Server-side session has been invalidated | Re-authenticate via /auth/login |
AUTH_006 | 400 | Missing authorization header | No Authorization header in the request | Include Authorization: Bearer <token> header |
AUTH_007 | 403 | Tenant mismatch | TENANT header does not match the JWT token's entity | Verify the TENANT header matches your assigned tenant ID |
AUTH_008 | 429 | Rate limit exceeded | Too many requests in the current window | Implement exponential backoff and retry after the rate limit resets |