Errors
The following table describes possible errors, their cause and the action to take by RP.
HTTP (errorcode) | Reason | Action by RP |
---|---|---|
400 (alreadyInProgress) |
An auth or sign request with personal number was sent, but an order for the user is already in progress. The order is aborted. No order is created. More information is found in details. |
RP must inform the user that an auth or sign order is already in progress for the user. Please use message RFA4. Please see recommended user messages |
400 (invalidParameters) |
|
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error. |
400 |
We may introduce new error codes without prior notice. RP must handle unknown error codes in their implementations. |
If an unknown errorCode is returned, RP should inform the user by displaying message RFA22. RP should update their implementation to support the new errorCode as soon as possible. Please see recommended user messages |
401, 403 (unauthorized) |
RP does not have access to the service. |
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error. |
404 (notFound) |
An erroneously URL path was used. |
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error. |
405 (methodNotAllowe d, |
Only http method POST is allowed. |
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error. |
408 (requestTimeout) |
It took too long time to transmit the request. |
RP must not automatically try again. This error may occur if the processing at RP or the communication is too slow. RP must inform the user by displaying message RFA5. Please see recommended user messages |
415 (unsupportedMedia Type) |
Adding a "charset" parameter after 'application/json' is not allowed since the MIME type "application/json" has neither optional nor required parameters. The type is missing or erroneously. |
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error. |
500 (internalError) |
Internal technical error in the BankID system. |
RP must not automatically try again. RP must inform the user. Please use message RFA5. Please see recommended user messages |
503 (maintenance) |
The service is temporarily out of service. |
RP may try again without informing the user. If this error is returned repeatedly, RP must inform the user. Please use message RFA5. Please see recommended user messages |
400 (alreadyInProgress)
An auth or sign request with personal number was sent, but an order for the user is already in progress. The order is aborted. No order is created. More information is found in details.
RP must inform the user that an auth or sign order is already in progress for the user. Please use message RFA4.
Please see recommended user messages
400 (invalidParameters)
- Invalid parameter. Invalid use of method.
- Using an orderRef that previously resulted in completed. The order cannot be collected twice.
- Using an orderRef that previously resulted in failed. The order cannot be collected twice.
- Using an orderRef that is too old. Completed orders can only be collected up to 3 minutes and failed orders up to 5 minutes. More information is found in details.
- Using a different RP-certificate than the one used to create the order.
- Using too big content in the request.
- Using non-JSON in the request body.
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error.
400
We may introduce new error codes without prior notice. RP must handle unknown error codes in their implementations.
If an unknown errorCode is returned, RP should inform the user by displaying message RFA22. RP should update their implementation to support the new errorCode as soon as possible.
Please see recommended user messages
401, 403 (unauthorized)
RP does not have access to the service.
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error.
404 (notFound)
An erroneously URL path was used.
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error.
405 (methodNotAllowe d,
Only http method POST is allowed.
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error.
408 (requestTimeout)
It took too long time to transmit the request.
RP must not automatically try again. This error may occur if the processing at RP or the communication is too slow. RP must inform the user by displaying message RFA5.
Please see recommended user messages
415 (unsupportedMedia Type)
Adding a "charset" parameter after 'application/json' is not allowed since the MIME type "application/json" has neither optional nor required parameters. The type is missing or erroneously.
RP must not try the same request again. This is an internal error within RP's system and must not be communicated to the user as a BankID error.
500 (internalError)
Internal technical error in the BankID system.
RP must not automatically try again. RP must inform the user. Please use message RFA5.
Please see recommended user messages
503 (maintenance)
The service is temporarily out of service.
RP may try again without informing the user. If this error is returned repeatedly, RP must inform the user. Please use message RFA5.
Please see recommended user messages
Example response from collect with an invalid orderRef
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"errorCode":"invalidParameters",
"details":"No such order"
}