HTTP status codes are the responses that indicate whether a request has been completed. These status codes serve as a communication medium between the browser and the server.
The first digit of each status code defines the type of response as follows:
2XX indicates that your request has been completed.
4XX indicates a client error. These are mostly validation errors.
5XX indicates a server error caused by the server itself.
Below, you can see a list of various HTTP status codes that can return as a response to the requests sent to Insider's APIs, along with sample responses:
Your title goes here
While preparing your payload, make sure to write it in JSON format. For example, use double quotes for keys and values, not single quotes.
Your title goes here
The responses vary depending on the APIs. Those listed below are sample responses that might return in different cases. You might receive the same codes with different messages.
200 OK
This code indicates that the request has been completed.
{
"data": {
"successful": {
"count": 1
},
"fail": {}
}
}200 Campaign Created Successfully
This code indicates that your campaign has been successfully created.
{
"response": "Campaign Created."
}201 Created
This code indicates that your campaign has been successfully created.
{
"status_code": 201,
"content": {
"message": "Campaign created successfully.",
"builder_id": "1000",
"campaign_id": "1230"
}
}201 Created Success Message
This code indicates the success message.
{
"message":"created",
"id":"builderID"
}202 Accepted
This code indicates that your request has been successfully accepted.
{
"message": "Accepted",
"status": 202
}400 Bad Request
This code indicates that the server cannot proceed due to a client error.
{
"success": false,
"message": "Access Denied. You do not have sufficient access to perform this action."
}400 Bad Request
If you do not include user in your request, you receive an error shown below:
{"error":"users must be defined: bad request"}400 Bad Request
{
"statusMessage": "Bad request"
}400 Bad Request
The entire request must be no larger than 5 MB in size. If you send more than that limit, you receive an error shown below:
{"error": "request body is bigger than maximum allowed size 5,000,000 bytes"}400 Bad Request
If the request returns this response, you need to check the partner value in the request. For example, if your panel name is "mypanel" but you use it as "my panel", you can receive this error.
{
"success": false,
"message": "Partner is invalid."
}400 Bad Request
If you enter the same value for both the old and new fields for identifiers, you will receive the following error.
{
"error": "identifier values are the same: bad request"
}400 Bad Request
The old_identifier and new_identifier values must be filled in the payload when making a request. Both fields are required; below error occurs if either one is missing:
{
"error": "there must be exactly 1 entry for both new and old identifiers: bad request"
}400 Bad Request
Identifiers are unique values, so the same value cannot be set for multiple users. If you do not want to use the identifier value for another user, you need to delete that value from the other user using the Identity API, and then send that value to the new user.
{
"error": "new identifier already has a user assigned to it: bad request"
}400 Bad Request
If the request returns this response, you need to check the Identity Resolution Management Settings. You can send the identifiers if they exist in the IRM settings. For example, if the phone number is not an identifier for the panel A, you cannot send any payload with the phone number key name as identifier.
{
"error": "no valid identifier: bad request"
}400 Bad Request
Identifiers that are to be deleted cannot be the only identifier associated with a user profile. If you attempt to delete such an identifier, an error message will be displayed as shown below.
{
"error": "you cannot delete the sole identifier specified for a user: bad request"
}400 Bad Request
{
"statusMessage": "segment name already in use"
}400 Bad Request
This response indicates that your request is missing the email address in the 'to' parameter.
{
"errors": [
"Missing 'email' on 'tos' parameter"
],
"status_message": "failed to validate request"
}400 Bad Request
This response indicates that the request has an invalid callback URL.
{
"errors": [
"Invalid callback URL in 'url' on 'callback'"
],
"status_message": "failed to validate request"
}This error is triggered for cases like the following:
"url": "domain path"
"url": "htp:/domain"
"url": "example .com"
"url": ""You need to review and correct the URL. The correct usage can be as follows:
"callback": {
"url": "https://insiderone.com"
}There needs to be only one URL, and it must be a valid, properly formatted URL.
400 Bad Request
The following response returns if your request is missing an identifier.
{
"error": "empty_insider_identifiers",
"message": "'insider_identifiers' object need to have at least one identifier"
}400 Bad Request
The following response returns if the notifications array is empty.
{
"error": "invalid_notifications",
"message": "'notifications' is empty, add some notification objects"
}400 Bad Request
The following response returns if the array has more than 20 objects.
{
"error": "invalid_notifications",
"message": "'notifications' can't have more than 20 objects"
}400 Bad Request
The following response returns if the deep link is blacklisted. The "aps" key cannot be used in the deep link. You need to remove the "aps" word from the deep link.
{
"error": "blacklisted_deeplink",
"message": "deepLink can't contain 'aps' key"
}400 Bad Request
The following response returns if the camp ID or channel ID is a negative integer.
{
"error": "negative_integer",
"message": "camp_id' and/or 'channel_id' must be greater than zero"
}400 Bad Request
The following response returns if the advanced push type is invalid.
{
"error": "invalid_advanced_push_type",
"message": "'advanced_push_type' must be either Carousel or Slider"
}400 Bad Request
The following response returns if the certificate is invalid. Refer to Push Certificates to see how to add push certificates for iOS, Android, and Huawei.
{
"error": "invalid_certificate",
"message": "You do not have a validated certificate. Please check Certificate section under Insider's Settings."
}400 Bad Request
The following is a sample response for a request where the limit is greater than 100.
limit should be between 1 and 100.400 Bad Request
The following is a sample response for a request where the API key is missing. You need to get your API key from the panel.
{
"error": "No api key provided"
}
400 Bad Request
The following is a sample response for a request where the payload is invalid. This could be due to various reasons, such as a syntax error, wrong keys in the response, etc.
{
"error": "invalid request payload"
}
400 Bad Request
The following is a sample response for a request where the required parameter is missing.
{
"error": "either 'inapp_id' or 'created_between' must be provided"
}
400 Bad Request
The following is a sample response for a request where the payload has both parameters while it requires only one.
{
"error": "provide either 'inapp_id' or 'created_between', not both"
}
400 Bad Request
The following is a sample response for a request where the date format is incorrect for the from parameter.
{
"error": "invalid date format for 'from'; expected format is YYYY-MM-DD"
}400 Bad Request
The following is a sample response for a request where the date format is incorrect for the to parameter.
{
"error": "invalid date format for 'to'; expected format is YYYY-MM-DD"
}
400 Bad Request
The following is a sample response for a request where the to date is not greater than or equal to the from date.
{
"error": "'to' date must be after or equal to 'from' date"
}
400 Bad Request
The following is a sample response for a request where the date range exceeds 90 days.
{
"error": "date range must not exceed 90 days"
}
400 Bad Request
{
"errors": [
{
"message": "invalid request payload"
}
]
}400 Bad Request
{
"errors": [
{
"message": "this field must be one of these:sms",
"field": "channel"
}
]
}400 Bad Request
{
"errors": [
{
"message": "this field is required",
"field": "text"
}
]
}400 Bad Request
{
"errors": [
{
"message": "channel information must be a valid phone number for sms",
"field": "to"
}
]
}400 Bad Request
{
"errors": [
{
"message": "this field must be one of these:whatsapp",
"field": "channel"
}
]
}400 Unifier Error
This code indicates that the CRM unifier in your request cannot be found on InOne.
{
"success": false,
"message": "No CRM Unifier found in InOne."
}400 Invalid Config
This code indicates that the request has an invalid config.
{
"success": false,
"message": "Config is invalid."
}400 Invalid Partner
This code indicates that the partner in the request does not exist.
{
"success": false,
"message": "Partner is invalid."
}400 Maximum Size
This code indicates that the number of products in the request exceeds the maximum size.
{
"success": false,
"message": "Maximum allowed size is 100."
}400 Invalid API Key
This code indicates that there is no partner with this API key. Refer to API Authentication Tokens to get your API key.
{
"response": "No Partner Found With Api Key."
}400 Missing Content
This code indicates that the request is missing the 'content' parameter.
{
"errors": [
"Missing 'content' parameter"
],
"message": "bad-request",
"status": 400
}400 Connection Error
This code indicates that there is a connection error.
{
"success": false,
"message": "Could not get CRM Attributes List."
}400 Throttling Exception
This code indicates that the request exceeds the maximum number of records.
{
"success": false,
"message": "The request is denied. More than 10000 records were sent."
}400 Missing Subject Line
This code indicates that the request is missing the 'subject' parameter.
{
"errors": [
"Missing 'subject' parameter"
],
"message": "bad-request",
"status": 400
}400 Missing Content Type
This code indicates that the request is missing the content type.
{
"message": "content type must be application/json",
"status": 400
}400 Missing 'To' Parameter
This code indicates that the request is missing the 'to' parameter.
{
"errors": [
"Missing 'to' parameter"
],
"message": "bad-request",
"status": 400
}400 Missing 'From' Parameter
This code indicates that the request is missing the 'from' parameter.
{
"errors": [
"Missing 'from' parameter"
],
"message": "bad-request",
"status": 400
}400 Validation Error Message
This code indicates that the request is not validated.
{
"error":"<Field> is required."
}The <Field> is dynamically replaced with the actual missing parameter.
Examples:
"error": "parameter 'subject' is required"
"error": "parameter 'html' is required"
"error": "parameter 'type' is required"
It represents all cases where a mandatory parameter is missing from the request payload.
400 Validation Error Message
{
"error":"$message"
}400 Validation Exception
You can refer to the Fail Records Messages to troubleshoot the Validation Exception errors.
{
"status": "Invalid",
"data": null,
"redirection": null,
"partnerResources": null,
"error": null,
"validations": [
{
"type": "...",
"message": "..."
}
],
"appliedSearchStrategy": null
}400 Business Exception
You can refer to the Fail Records Messages to troubleshoot the Validation Exception errors.
{
"status": "BusinessException",
"data": null,
"redirection": null,
"partnerResources": null,
"error": {
"code": "...",
"message": "..."
},
"validations": null,
"appliedSearchStrategy": null
}400 Maximum Allowed Request Size
This code indicates that the maximum allowed request size is exceeded.
{
"success": false,
"message": "Maximum allowed request size is exceeded."
}400 Maximum Allowed Record Count
This code indicates that the maximum allowed record count is exceeded.
{
"success": false,
"message": "Maximum allowed record count is exceeded."
}400 Invalid Data Exception: Couldn't parse JSON
This code indicates the request data is not in the valid JSON format.
{
"success": false,
"message": "Request data is not in valid JSON format."
}400 X-Api-Key header missing
Refer to API Authentication Tokens to get your API key.
{“error”: “No api key provided”}401 Unauthorized
This code indicates that the API key is incorrect. You need to get your API key from the panel.
{
"error": "Bad Api Key."
}401 Unauthorized
The following response returns if the API key is either empty or wrong. Refer to API Authentication Tokens to get your API key.
{
"error": "bad_api_key",
"message": "'api_key' is either empty or wrong. You can get your API key from Insider Dashboard"
}401 Unauthorized
{
"errors": [
{
"message": "unauthorized"
}
]
}401 Unauthorized
{
"errors": [
{
"message": "invalid code"
}
]
}401 Wrong Token Usage
This response indicates that the provided API key is invalid, expired, or revoked. Refer to API Authentication Tokens to get or renew your API key.
{
"status": false,
"message": "Partner token authentication failed."
}401 Invalid API Key
This code indicates that the provided API key is invalid, expired, or revoked.
{
"message": "The provided API key is invalid, expired or revoked",
"status": 401
}You need to first check the request headers. The key may have been deleted by another user. You need to verify in the panel that the API key is still active (including whitelist checks if applicable). If the key no longer exists, a new API key must be generated. If a newly generated key still does not work, you should contact the Insider One team.
401 Invalid API Key
The API Key sent in the payload does not match the API key at Insider. Please contact Insider for more information.
{
"response": "No Partner Found With Api Key."
}401 Unauthorized Request
This code indicates that the request is unauthorized. Your API token and partner name must match to have authorization.
{
"status_code": 401
}401 Unauthorized Error Message
This code indicates that the request is not authorized.
{
"error":"unauthorized"
}401 Partner Cannot Be Validated
This code indicates that the partner cannot be validated.
{
"success": false
}401 Unauthenticated Domain
This response indicates that your domain is not authenticated.
{
"message": "The domain you are trying to use is not authenticated. Please create a support ticket for the Insider Support Team to authenticate it.",
"status": 401
}If the Insider One team has enabled the Transactional Email Domain Authentication for your account, you can send only from the specific authorized domains. During onboarding, customers must register their sending domains via Add More Domains. This reduces security risks related to unauthorized domain usage.
Before opening a support ticket, you need to verify that the sender domain is properly verified. During onboarding, you must ensure the domain has been authenticated and verified in SendGrid. Otherwise, you might risk spam or block issues.
403 Forbidden
This response indicates that you have no access to use this endpoint. It might be due to various reasons, such as using the wrong API key.
{
"success": false,
"message": "Access Denied. You do not have sufficient access to perform this action."
}403 Forbidden
The following is a sample response for a request where the API key is invalid. Refer to API Authentication Tokens to get your API key.
{
"error": "Invalid api key"
}
403 Authentication Failed
This code indicates that the request has failed due to a missing or invalid authentication key.
403 Request Limit Exceeded
This code indicates that the request limit is exceeded.
{
"error" : {
"message" : "Too many attempts, please slow down the request. 30 Requests/minute is allowed."
},
"status": 403
}403 X-Api-Key header invalid key
Refer to API Authentication Tokens to get your API key.
{“error”: “Invalid api key”}404 Not Found
{"error":"no such user for these identifiers: no data"}404 Not Found
The following is a sample response for a request where no inapp is found.
{
"error": "inapp not found"
}
404 Not Found
{
"errors": [
{
"message": "code not found",
"field": "code"
}
]
}405 Invalid Payload
This code indicates that the request payload is invalid.
{
"error": "Invalid Payload."
}406 Not Acceptable Request
We are able to provide the analytics data for only the last 1 year.
409 Conflict
{
"errors": [
{
"message": "no changes detected"
}
]
}This response indicates that the server did not detect any updates in your request.
You’re sending an update/patch/modify request, but the values in your request body are identical to the existing record. So, the server is essentially indicating that there is no difference between what you just sent and what it already has.
Some APIs can also return a 200 OK response, treating the request as idempotent, but others return a 409 Conflict because, technically, an update was requested, but there was nothing to update.
422 Missing Parameter
This code indicates that the request has a missing parameter(s).
{
"status_code": 422,
"errors": {
"field": [
"The <field> is required."
]
}
}422 Unprocessable Entity
This code indicates that the request cannot be processed.
{
"status_code": 422,
"errors": {
"title": [
"The title field is required."
]
}
}422 No Push Message Certificate
Refer to Push Certificates to see how to add push certificates for iOS, Android, and Huawei.
{
"response": "No Push Message Certificate is Provided."
}424 Failed Dependency
{
"message": "SERVICE:-"
}424 Failed Dependency
{
"message": "SERVICE:-Campaign not found"
}429 Too Many Requests
The rate limit is shared with the User Upsert API with a total of 25,000 requests per minute. This response indicates that you have reached the limit. You need to check your request and wait for some time to send new requests.
{
"error": "rejected: too many requests"
}429 Too Many Requests
{
"errors": [
{
"message": "maximum attempts exceeded",
"field": "code"
}
]
}429 Rate Limit
{
"message": "rate limited"
}500 Internal Server Error
If the request returns this response, Insider One receives alerts via the alert mechanism.
{
"success": false,
"message": "The request processing has failed because of an unknown error."
}500 Internal Server Error
{
"errors": [
{
"message": "channel already exists"
}
]
}500 Internal Server Error
{
"errors": [
{
"message": "server error"
}
]
}500 Internal Server Error
{
"status": "Error",
"data": null,
"redirection": null,
"partnerResources": null,
"error": {
"code": "500 INTERNAL_SERVER_ERROR",
"message": "..."
},
"validations": null,
"appliedSearchStrategy": null
}503 Service Unavailable
This response indicates that the service is temporarily unavailable due to server overload or maintenance.
In this case, you should check whether other recent requests show similar patterns. As the system may temporarily require scaling, you must retry requests within a 15-minute window (503 can occur at any moment). If 503 errors continue for longer than 15 minutes, you should contact the Insider One team with sample requests.
504 Server Timeout
This response indicates that the server did not receive a timely response from an upstream server.
If a request with the same content is sent for the same user within 15 minutes, the system will return the following message:
"status_message": "This request has already been received and is being processed. Any duplicate content from the user will be ignored for the next 15 minutes."
The cause of this response is typically the system load, but upstream service latency may also trigger it. In this case, you should check the overall 504 ratio across other requests. To avoid message loss, retries should be performed within 15 minutes. The duplicate-prevention mechanisms ensure users won’t receive the same message twice. If 504 errors continue for longer than 15 minutes, you should contact the Insider One team with sample request details.
520 Cloudflare Network Error
This response indicates an unexpected error on the Cloudflare network side, preventing the request from being processed.
Suggested Retry Mechanism: If any of the above errors are encountered, the request was not processed successfully on the server side. A retry mechanism is recommended to distribute retries randomly within a 5-minute interval, allowing server resources to recover and traffic to stabilize.