Errors

Every error response includes a JSON body with at minimum a message field — and where applicable, a stable error code and a structured errors map for validation failures.

401 Unauthorized

{
  "error": "unauthorized",
  "message": "Invalid or inactive API key."
}

Causes: missing Authorization header, malformed token, expired token, deactivated token.

403 Forbidden

{
  "error": "forbidden",
  "message": "This token does not have the required scope: write:posts"
}

Causes: missing scope on the token, IP restriction blocks the request.

404 Not Found

Empty body. The resource ID does not exist or the token does not have access to it.

422 Validation Error

{
  "error": "validation_error",
  "message": "The given data was invalid.",
  "errors": {
    "body": ["The body field is required."]
  }
}

The errors object maps field names to arrays of human-readable messages. Use them to build per-field validation feedback in your integration's UI.

429 Too Many Requests

{ "message": "Too Many Attempts." }

See Rate limiting for backoff guidance.

5xx

Internal server errors are returned as 500 with a generic message and no further detail. They are tracked server-side. Retry with exponential backoff — most are transient.