Skip to main content

Error response format

All errors return JSON with an error field:
Some errors include additional fields:

HTTP status codes

400 Bad Request

The request body failed validation. Check the details field for the specific validation errors.
Common causes:
  • Missing required fields
  • Invalid UUID format in path parameters
  • Event batch exceeds 50 items
  • eventType not one of: view, complete, dismiss, skip, custom

401 Unauthorized

Authentication failed. See authentication for setup.
Common causes:
  • Missing Authorization header
  • Incorrect snippet key
  • Expired session token (for dashboard-authenticated routes)

403 Forbidden

The authenticated credential does not have permission to access this resource.
Common causes:
  • Accessing a resource belonging to a different organisation
  • Attempting to use a snippet-key-authenticated request on a session-only endpoint

404 Not Found

The requested resource does not exist, or does not belong to your organisation.
Note: Zenstep returns 404 (not 403) when a resource exists but belongs to a different organisation. This prevents enumeration attacks.

409 Conflict

A uniqueness constraint was violated.

429 Too Many Requests

Rate limit exceeded. See rate limits.

500 Internal Server Error

An unexpected error occurred on Zenstep’s servers.
If you encounter persistent 500 errors, check the Zenstep status page and contact support if the issue persists.

Handling errors in code