Error Codes and Handling
This guide provides comprehensive information about error handling in the Orsunpay API, including error codes, retry strategies, and best practices.
All API errors follow a consistent format:
HTTP Status Codes
| Status | Name | Description | When to Retry |
|---|
400 | Bad Request | Invalid request parameters | ❌ Never |
401 | Unauthorized | Invalid or missing API key | ❌ Never |
403 | Forbidden | Insufficient permissions | ❌ Never |
404 | Not Found | Resource doesn’t exist | ❌ Never |
409 | Conflict | Resource conflict (e.g., duplicate) | ❌ Never |
422 | Unprocessable Entity | Valid request, business rule violation | ❌ Never |
429 | Too Many Requests | Rate limit exceeded | ✅ After delay |
500 | Internal Server Error | Server error | ✅ With backoff |
502 | Bad Gateway | Upstream service error | ✅ With backoff |
503 | Service Unavailable | Service temporarily down | ✅ With backoff |
504 | Gateway Timeout | Request timeout | ✅ With backoff |
Authentication Errors
authentication_required
invalid_api_key
insufficient_permissions
Validation Errors
invalid_request
invalid_parameter_value
parameter_out_of_range
Resource Errors
resource_not_found
resource_already_exists
Business Logic Errors
transaction_not_capturable
insufficient_balance
payment_method_not_supported
Rate Limiting Errors
rate_limit_exceeded
Provider Errors
provider_error
provider_unavailable
Idempotency Errors
idempotency_conflict
Retry Strategies
Exponential Backoff
Rate Limit Handling
Circuit Breaker Pattern
Error Handling Best Practices
1. Implement Proper Error Handling
2. Log Errors Appropriately
3. Graceful Degradation
4. User-Friendly Error Messages
Monitoring and Alerting
Error Rate Monitoring
Set up alerts for:
- Error rate > 5% over 5 minutes
- Specific error codes (authentication, provider errors)
- Rate limiting events
- Circuit breaker state changes
Key Metrics
- Error Rate: Percentage of requests resulting in errors
- Error Distribution: Breakdown by error code and HTTP status
- Recovery Time: Time to recover from errors
- Retry Success Rate: Success rate of retry attempts
Always implement proper error handling and never expose sensitive information in error messages or logs.
Use idempotency keys for all state-changing operations to prevent duplicate processing in retry scenarios.