Error messages
If you receive error messages while attempting to consume IRIS HR API, the error will contain a code that corresponds to one of the issues described below.
If the code is not listed below, or the problem cannot be resolved, copy the trace ID from the error payload and share it with your IRIS contact or email hrapi@iris.co.uk
Example:
Code: 500-000-0001
Description: The server returned a status 502 error, message: Received non success response code, log_trace: rrt-xxxxxxxxxxxxxxxxxxx-x-xxxx-xxxxx-xxxxxx-x
400 errors
|
IRIS Code |
Name |
Description |
|
400-004-0001 |
OData Pagination Exception |
Condition: Passing invalid parameters for the pagination. |
|
400-004-0002 |
OData Exception |
Condition: Invalid OData query. |
|
400-004-0003 |
Validation Exception |
The request included incorrect data for [<list of fields>]. Please refer to the documentation to review the field requirements. One or more fields can be included, possible options:
Condition:
|
401 errors
|
IRIS Code |
Name |
Description |
|
401-000-0001 |
|
The access token has expired. Access tokens have a 30-minute lifespan. You will need to periodically request new tokens. |
|
401-000-0002 |
|
You have requested a token using a grant type that is not supported by the API resource you are trying to call. Some resources require logged-in users, which means the client credentials grant type is not suitable. |
|
401-000-0003 |
|
You are attempting to consume an API resource that you do not have permission to access. |
403 errors
|
IRIS Code |
Name |
Description |
|
403-000-0001 |
|
You are attempting to consume an API resource that requires scopes that are not included in the access token. |
404 errors
|
IRIS Code |
Name |
Description |
|
404-004-0001 |
Not Found Exception |
The specified resource was not found.
Condition: Trying to access employee, hierarchy, jobs, etc. that doesn't exist. |
429 errors
|
IRIS Code |
Name |
Description |
|
429-000-0002 |
|
Quota exceeded. IRIS maintains a daily quota on applications in line with our fair use policy. |
|
429-000-0003 |
|
Rate limit exceeded. IRIS maintains a throttle on all API traffic in line with our fair use policy. |
400 authorisation errors
|
IRIS Code |
Name |
Description |
| 400-001-0001 | Invalid Request | The request could not be processed. It may contain invalid syntax, or necessary parameters are missing or are malformed. |
| 400-001-0002 | Missing parameters | The Authorize endpoint requires client_id, redirect_uri, scope and response_type parameters. Any one of these are missing or are malformed . |
| 400-001-0003 | Unsupported grant_type | Valid grant_types include client_credentials, refresh & authorization_code. |
| 400-001-0004 | PKCE Missing | In the absence of an Authorization header, you must provide a PKCE code_challenge in the authorize request and a corresponding code_verifier in the token request. Either one or both of these values in missing. |
| 400-001-0005 | Invalid Response Type | The Authorization API only supports the “code” response type, used as part of the Authorization Code Grant flow. |
| 400-001-0007 | Invalid refresh token | The refresh token provided is invalid or is malformed. |
401 authorisation errors
|
IRIS Code |
Name |
Description |
| 401-001-0001 | The Client credentials are invalid | Unless PKCE is being used, the token request must include an Authorization header with a valid Basic credentials string . |
| 401-001-0002 | The Authorization Code is Missing or Invalid | The token request must include a valid code retrieved from the authorize endpoint. |
| 401-001-0003 | The Authorization Code has expired | Authorization codes are very short-lived. After performing an Authorize request, you must exchange it for a token immediately. |
| 401-001-0004 | The Authorization Code is not valid for the Client | The client ID and redirect_uri used in the authorize request and the token request must match exactly. |
| 401-001-0005 | Refresh token expired | Refresh tokens are very long-lived but do still have an expiry. A new set of access and refresh tokens need to be requested from the Authorization API. |
| 401-001-0006 | Client not approved | IRIS administrators have not yet approved the client application. Until it has been approved, it cannot be used to make API calls. |
| 401-001-0007 | Client not approved | The client application is associated with a developer account which has been disabled. Please contact IRIS platform support for further information. |
| 401-001-0008 | PKCE challenge has failed | The code_verifier provided in the token request did not produce a code that matched the code_challenge provided in the authorize request. |
| 401-001-0009 | Client ID does not match | The client ID and redirect_uri used in the authorize request and the token request must match exactly. |
500 authorisation errors
|
IRIS Code |
Name |
Description |
| 500-001-0001 | Authorization Code not Found | |
| 500-001-0002 | Client ID Missing | |
| 500-001-0003 | Refresh token is missing | |
| 500-001-0004 | Invalid parameters | |
| 500-001-0005 | Invalid token type | |
| 500-001-0006 | Invalid token type | |
| 500-001-0007 | Communication error with the Identity Provider | |
| 500-001-0008 | Communication error with the Identity Provider | |
| 500-001-0009 | Communication error with the Identity Provider | |
| 500-001-0010 | Communication error with the Identity Provider | |
| 500-001-0011 | Identity Provider Credentials could not be Retrieved | |
| 500-001-0012 | Problem retrieving session cookie | |
| 500-001-0013 | Problem with cache retrieval | |
| 500-001-00014 | Identity Provider did not provide tokens | |
| 500-001-00015 | Identity Provider did not provide tokens | |
| 500-001-00016 | Unsupported Grant Type | |
| 500-001-00017 | The client ID cannot be resolved | |
| 500-001-00018 | The client secret cannot be determined | |
| 500-001-00019 | Session ID could not be resolved | |
| 500-001-00020 | State does not match |