Error response format
When a request fails, the Flextell API returns a JSON object with two fields:| Field | Type | Description |
|---|---|---|
error | string | A machine-readable error code. |
message | string | A human-readable description of what went wrong. |
Error responses never include a
data field. Always check the HTTP status code before attempting to parse a response as a success.HTTP status codes
| Status | Meaning | What to do |
|---|---|---|
400 Bad Request | The request body or query parameters are invalid or missing required fields. | Fix the request — check required fields and data types. |
401 Unauthorized | The Authorization header is missing or the bearer token is invalid or expired. | Refresh your access token and retry. |
403 Forbidden | The token is valid, but it lacks the required scope or permissions. | Re-authorize with the correct OAuth scopes. |
404 Not Found | The requested resource does not exist. | Check the resource ID and endpoint path. |
409 Conflict | The resource already exists, or the requested state change conflicts with current state. | Adjust your request to avoid the conflict (e.g., use a unique identifier). |
422 Unprocessable Entity | The request is well-formed but fails validation rules. | Read the message field for details on which field failed validation. |
429 Too Many Requests | You have exceeded the rate limit. | Wait for the duration specified in the Retry-After response header, then retry. |
500 Internal Server Error | An unexpected server-side error occurred. | Retry with exponential backoff. If the issue persists, contact support. |
503 Service Unavailable | The service is temporarily unavailable. | Retry with exponential backoff. |
Example error responses
401 UnauthorizedRetry strategy
For429 and 5xx responses, retry the request using exponential backoff with jitter:
Check the status code
Only retry on
429, 500, or 503. Do not retry 4xx errors other than 429 — they indicate a problem with your request that will not resolve on its own.Respect Retry-After for 429 responses
When you receive a
429, read the Retry-After response header. It contains the number of seconds to wait before retrying. Do not retry sooner than this value.Use exponential backoff for 5xx responses
For
500 and 503 responses, wait before retrying. Double the wait time on each subsequent failure, starting from a base of 1 second.Add jitter
Add a small random delay (jitter) to your backoff interval. This prevents multiple clients from retrying simultaneously and overwhelming the server.
| Attempt | Base wait | With jitter (±500ms) |
|---|---|---|
| 1 | 1s | 0.5s – 1.5s |
| 2 | 2s | 1.5s – 2.5s |
| 3 | 4s | 3.5s – 4.5s |
| 4 | 8s | 7.5s – 8.5s |
| 5 | 16s | 15.5s – 16.5s |
Common mistakes
Expired token → 401 Unauthorized
Expired token → 401 Unauthorized
Wrong scope → 403 Forbidden
Wrong scope → 403 Forbidden
If you receive a
403, your token does not have the required permission for the action. Re-initiate the OAuth Authorization Code Flow and request the correct scopes. Check the API reference for each endpoint to confirm which scopes are required.Missing required fields → 400 Bad Request
Missing required fields → 400 Bad Request
Check the
message field in the error response. It describes which field is missing or malformed. Compare your request body against the API reference for that endpoint.Resource ID typo → 404 Not Found
Resource ID typo → 404 Not Found
Verify that the resource ID in your request path is correct and that the resource has not been deleted. IDs are case-sensitive.