Errors & status codes
The Diggama API uses standard HTTP status codes and returns JSON error responses.
Success codes
| Status | Description | Used by |
|---|---|---|
200 OK | Request succeeded | GET, PUT, PATCH, bulk operations |
201 Created | Resource created | POST |
204 No Content | Resource deleted | DELETE |
207 Multi-Status | Partial success in bulk operation | Bulk endpoints |
Error codes
| Status | Description | Common cause |
|---|---|---|
401 Unauthorized | Missing or invalid token | No Authorization header, expired or revoked token |
403 Forbidden | Insufficient permissions | Token lacks the required ability for this blueprint |
404 Not Found | Resource not found | Invalid resource ID, wrong blueprint, or resource belongs to another project |
422 Unprocessable Entity | Validation failed | Invalid field values (wrong type, missing required fields) |
429 Too Many Requests | Rate limit exceeded | Too many requests in a short period |
Error response format
All error responses return a JSON body with a message field:
json
{
"message": "Unauthenticated."
}Validation errors (422)
Validation errors include a message and an errors object keyed by field name:
json
{
"message": "The given data was invalid.",
"errors": {
"attributes.email": ["The email field must be a valid email address."],
"attributes.title": ["The title field is required."]
}
}Rate limiting
The API allows 1,000 requests per minute per authenticated token (or per IP address for unauthenticated requests). This limit applies to all endpoints across both V1 and V2.
When the limit is exceeded, the API returns a 429 response with a Retry-After header indicating how many seconds to wait:
json
{
"error": "RATE_LIMIT_EXCEEDED",
"message": "Too many requests. Please try again later.",
"details": {
"retry_after": 42
}
}Troubleshooting
"Unauthenticated" (401)
- Verify the token is passed as
Authorization: Bearer {token} - Check that the token has not been revoked in the dashboard
- Ensure you're using the correct project token
"Forbidden" (403)
- The token exists but lacks the required ability. Check the token's permissions in Project settings > Tokens
- Abilities are scoped per blueprint — a token with
viewonpostscannot accessproducts
"Not Found" (404)
- Verify the blueprint slug matches exactly (e.g.
blog-posts, notblogposts) - Check the resource ID is correct and belongs to the same project as the token
"Unprocessable Entity" (422)
- Read the
errorsobject to identify which fields failed validation - Ensure field values match the expected types defined in the blueprint
- For
referencefields, ensure the referenced resource ID exists