HTTP errors

If you send a request to a valid URI, and the request contains properly formatted JSON, you should always receive a response with the status 200 (OK) and a JSON formatted response. The OMA requests always result in one of the following response codes:

Error code
200OK, the response to the request follows in the response body.
400Bad Request. The request contained badly formatted JSON or was otherwise badly formatted.
404Not Found. Non-existent method requested.
500Internal Server Error. Something went terribly wrong and it's not the user's fault.

API errors

For methods that deal with multiple objects, for example restore_deleted_messages, the response contains an array of objects, and each object has its own success and potentially error and error_number fields. In that case, you may see one of the following error response codes:

Error codeError textMeaning
0Server error.Returned when something goes wrong and it is not the client's fault.
1Invalid credentials supplied in request.Returned when the user name or password is not valid.
2The requested object does not exist.Returned when the object (user, domain, brand, etc) being queried, changed or deleted does not exist.
3This object is an alias.Returned when the name of an object to be changed in a request is an alias or an object. Objects can only be changed via their real name.
4Requestor lacks permission to change one or more of the requested attributes.Returned when the request specifies a change to an attribute that the user does not have permission to change.
5Request badly formatted (missing required field, or field is not the correct data type).Returned when the request is not properly formatted.
6One or more attributes badly formatted.Returned when the request to change an object contains an unrecognized attribute or an attribute value that is not well formatted. For example, the value of the key filter might not be a valid number.
7An object with this name already exists.Returned when the request to create an object names an object that already exists.
8An object with this name already exists.Returned when the request to create an object names an object that already exists.
9Requestor does not own this object or lacks permission to perform this action.Returned when the user lacks permission to perform the requested action.
10The requested object is not empty.Returned when the request asks to delete an object, but the object is not empty (for example to delete a domain but the domain contains users).
11Company does not exist.Returned with the company containing an object to be changed (domain, brand) does not exist.
12Role does not existReturned when attempting to add a non-existent role to a user.
13User does not existReturned when attempting to do something with a user (post a bulletin to a test user) and that user does not exist.
14Brand in useReturned when attempting to delete a brand, and that brand is assigned to a user, domain or company.
15Domain users fullReturned when attempting to create a user, and the user's domain is at its user limit.
16Domain aliases fullReturned when attempting to create an alias to a user and the domain is at its alias limit.
17Not inReturned when an operation requires a user to be an member of something and the user is not.
18Workgroup is defaultReturned when attempting to delete a workgroup that is the domain's default workgroup.
19Migration Job ExistsReturned when attempting to create a new migration job, and a migration job with the given ID already exists.
20Try again laterA transient system error occurred. Not the caller's fault. Method should be retried.
21Requestor not permitted from this IP addressIP restrictions have been set for this admin user and the source IP does not match them.
22Requested object temporarily unavailable, try again laterTemporary error, please retry in a few minutes.
23Object already existsIf object already exists and create_only attribute was passed in the request.
24Admins exist that control this object
25Failed to obtain provisioning lockTemporary error, please retry in a few minutes.
26The requested folder does not exist
27The domain is missing the filtermx setting
28An internal error occurredIf error persists, please contact OpenSRS support
29An internal error occurred - failed to connectIf error persists, please contact OpenSRS support
30An internal error occurred - failed to sendIf error persists, please contact OpenSRS support
31User was not type filter
32Admin is disabled
332FA is requiredReturned when second stage Two-Factor Authentication credentials are required
34password must be at least 10 charactersReturned when using reseller_id credentials during 2FA signup if password is not deemed secure enough
352fa code validation failureReturned when second stage 2FA credentials are incorrect
36password cannot be one of the previous 8 usedReturned when using reseller_id credentials during 2FA signup and new password was previously used
37Alias domain does not exist
38maximum number of forward recipients reachedReturned when trying to set more forward recipients than allowed on an account.
39expired
40Password not strong enoughReturned when a user's password fails the password strength check (see change_user)
41Password on the ban listReturned when a user's password fails the password banned check
422FA is required, not enabled on this accountReturned during authentication when 2FA is forced for user, user has not enabled it, and user is out of grace logins.
432FA challenge failedReturned when second stage 2FA credentials are incorrect
442FA Auth required to change 2fa_required_omaAttribute can only be changed when user authenticated with 2FA
45Brand settings prevent this action
46Max number of App Passwords has been reachedTarget user has reached maximum (4) number of App Passwords.
47Target is a domain aliasCannot rename a user into a domain alias; can only rename the user into the true domain name.
48Password rejected - contains username or other account infoReturned when a user's password fails the password contains check
49Push denied. Gaining company has not pre-authorizedAttempted to push a domain to a company that has not authorized this company to push domains to it.