Responses
Salla have applied all the technical standards have been placed by the REST principles. So, developers can always receive, read, decode, or understand the errors in responses based on the following form:
Color Code | Response | Status | Meaning |
---|---|---|---|
200 | Success | The request has succeeded. | |
201 | Created | API call has been accepted for processing. The sent resource has been successfully inserted/updated at our database | |
202 | Accepted | API call has been accepted for processing. This status code is used only when the sent resource has been successfully deleted from our database | |
204 | No content | The server successfully processed the request, but is not returning any content | |
:::info
With a 2xx
success response, the response body will include a status
field reflecting the HTTP status (2xx) and a success
field set to true
and , as shown in the following example:
{
"status": 200,
"success": true,
"data": {
"message": null,
"code": 200
}
}
:::
Salla APIs may return the following error codes in response to any request encountering an error.:
Color Code | Response | Slug | Status | Meaning |
---|---|---|---|---|
400 | bad_request |
Bad Request | Invalid parameters, fields or filters | |
401 | unauthorized |
Unauthorized | authorization error (invalid basic auth data or API key) | |
403 | forbidden |
Forbidden | The server understood the request, but is refusing it (blocked due to many errors in particular time) or the access is not allowed. | |
404 | not_found |
Not Found | The specified resource/url-path could not be found | |
405 | method_not_allowed |
Method Not Allowed | The method used is not allowed. | |
406 | not_acceptable |
Not Acceptable | The format used is not acceptable. | |
410 | gone |
Gone | The resource requested is no longer available. | |
422 | validation_failed |
Unprocessible Entity | used if the server cannot process the enitity, e.g. mandatory fields are missing in the payload. | |
429 | too_many_requests |
Too Many Requests | Rate limit exceeded. | |
500 | server_error |
Internal Server Error | We might be updating our services, please wait a while before trying again. | |
503 | service_unavailable |
Service Unavailable | We were unable to handle the HTTP request due to a temporary overloading or maintenance of the server. Please try again later. |
:::caution[Important]
In case of multiple errors resulting in a 4xx response, the response will include a list of "fields
" and an array of error messages as "values
" for those fields, explaining the errors for each field. Here is an example for reference.
:::
401 Cases
This section outlines common scenarios where the API responds with a 401 Unauthorized status. These responses typically indicate issues with user accounts, tokens, or permissions. By understanding these cases, you can troubleshoot and handle errors effectively to ensure seamless integration with our API.
1. Deleted User
If the user installed the app and this user account is deleted. The token associated with this user will got 401 response.
{
"status": 401,
"success": false,
"error": {
"code": "Unauthorized",
"message": "The User is not exists."
}
}
2. Inactive User
If the user installed the app and user account is inactive. The token associated with this user will got 401 response.
{
"status": 401,
"success": false,
"error": {
"code": "Unauthorized",
"message": "عفوا لا يمكنك تسجيل الدخول, حسابك غير مفعل"
}
}
3. Using The Same Refresh Token More Than Once to Generate Token
If the refresh_token
is used more than once, this will invalidate the token. The API response will be 401. Additionally, both the access token and the refresh token will be revoked.
{
"error": "invalid_grant",
"error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. The OAuth 2.0 Client ID from this request does not match the ID during the initial token issuance."
}
4. Not allowed Scopes
If the user try to access the endpoint which scopes are not allowed, the API response with 401.
{
"status": 401,
"success": false,
"error": {
"code": "Unauthorized",
"message": "The access token should have access to one of those scopes: products.read_write"
}
}
5. Invalid Access token
This might happen due to expired access token, uninstalled app, or invalid access token value provided in the request
{
"status": 401,
"success": false,
"error": {
"code": "Unauthorized",
"message": "The access token is invalid"
}
}