RBAC service errors
RBAC API error responses can be formatted as c
text/html or JSON objects.
Error response format
RBAC API error responses can use the following keys:
|The kind of error encountered.
|A human-readable message associated with the
For error responses formatted as
|Additional, potentially machine-readable, information about the error condition.
General error responses
RBAC API endpoints that accept a JSON body might return these responses.
|The submitted data is not valid JSON. The
details key contains an error message from the JSON
|The submitted data has an unexpected structure, such
as invalid fields or missing required fields. The
key describes the problem, and the
details key is an
|ID data in the request body doesn't match the ID in
the request's URI path. The
details key shows the two
|The request's URI path contains a filter on the ID with an invalid format. No details are given with this error.
|An invalid UUID was submitted. No details are given with this error.
|An unauthenticated user attempted to access an endpoint that requires authentication.
|A revoked user attempted to access an endpoint that requires authentication.
|A person attempted to log in as the
api_user with a password. The
api_user does not support username/password
A remote user who is not yet known to RBAC attempted to authenticate, but a local user with the same login already exists.
The solution is to change either the local user's login in RBAC, or to change the remote user's
login. To change the remote user's login you can either change the
|A user attempted an action that they are not permitted to perform.
|A user attempted to edit metadata or associations
belonging to the default user
roles or default
api_user) that they are not allowed to
|You submitted a value for a field that is supposed to be unique, but another object already has that value. For example, when you attempt to create a user with the same login as an existing user.
|An object was submitted with a
list of associated IDs (for example,
user_ids) and one or more of those IDs does
not correspond to an object of the correct type.
|An object was submitted with a list LDAP user or group IDs, and one or more of those IDs does not correspond to an existing LDAP user or group.
|A login was attempted, but LDAP found multiple users
with the given username. Your directory service settings must use a
user_lookup_attr that is guaranteed to be unique
within the provided user's RDN.
|Occurs when the server throws an unspecified exception. A message and stack trace are usually available in the logs.