Errors
The following table describes possible errors, their cause and the action to take by RP.
HTTP | Errorcode | Reason | Action by RP |
---|---|---|---|
400 |
alreadyInProgress |
An auth or sign request with a personal number was sent, but an order for the user is already in progress. The order is aborted. No order is created. Details are found in details. |
RP must inform the user that an auth or sign order is already in progress for the user. Message RFA4 should be used. |
400 |
invalidParameters |
Invalid parameter. Invalid use of method. Details are found in details. Potential causes:
|
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error. |
400 |
Unknown error code |
We may introduce new error codes without prior notice. RP must handle unknown error codes in their implementations. |
If an unknown errorCode is returned, RP should inform the user. Message RFA22 should be used. RP should update their implementation to support the new errorCode as soon as possible. |
401, 403 |
unauthorized |
RP does not have access to the service. |
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error. |
404 |
notFound |
An erroneous URL path was used. |
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error. |
405 |
methodNotAllowed, "<"empty">" |
Only http method POST is allowed. |
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error. |
408 |
requestTimeout |
It took too long time to transmit the request. |
RP must not automatically try again. This error may occur if the processing at RP or the communication is too slow. RP must inform the user. Message RFA5 should be used. |
415 |
unsupportedMediaType |
Adding a "charset" parameter after 'application/json' is not allowed since the MIME type "application/json" has neither optional nor required parameters. |
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error. |
500 |
internalError |
Internal technical error in the BankID system. |
RP must not automatically try again. RP must inform the user. Message RFA5 should be used. |
503 |
maintenance |
The service is temporarily unavailable. |
RP may try again without informing the user. If this error is returned repeatedly, RP must inform the user. Message RFA5 should be used. |
400
alreadyInProgress
An auth or sign request with a personal number was sent, but an order for the user is already in progress. The order is aborted. No order is created.
Details are found in details.
RP must inform the user that an auth or sign order is already in progress for the user. Message RFA4 should be used.
400
invalidParameters
Invalid parameter. Invalid use of method. Details are found in details.
Potential causes:
Using an orderRef that previously resulted in a completed order. The order cannot be collected twice.
Using an orderRef that previously resulted in a failed order. The order cannot be collected twice.
Using an orderRef that is too old.
Completed orders can only be collected up to 3 minutes and failed orders up to 5 minutes.
Timed out orders due to never being picked up by the client are only available for collect for 3 min and 10 seconds.
Using a different RP-certificate than the one used to create the order.
Using too big content in the request.
Using non-JSON in the request body.
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error.
400
Unknown error code
We may introduce new error codes without prior notice. RP must handle unknown error codes in their implementations.
If an unknown errorCode is returned, RP should inform the user. Message RFA22 should be used.
RP should update their implementation to support the new errorCode as soon as possible.
401, 403
unauthorized
RP does not have access to the service.
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error.
404
notFound
An erroneous URL path was used.
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error.
405
methodNotAllowed, "<"empty">"
Only http method POST is allowed.
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error.
408
requestTimeout
It took too long time to transmit the request.
RP must not automatically try again. This error may occur if the processing at RP or the communication is too slow. RP must inform the user. Message RFA5 should be used.
415
unsupportedMediaType
Adding a "charset" parameter after 'application/json' is not allowed since the MIME type "application/json" has neither optional nor required parameters.
RP must not try the same request again. This is an internal error within the RP's system and must not be communicated to the user as a BankID error.
500
internalError
Internal technical error in the BankID system.
RP must not automatically try again. RP must inform the user. Message RFA5 should be used.
503
maintenance
The service is temporarily unavailable.
RP may try again without informing the user. If this error is returned repeatedly, RP must inform the user. Message RFA5 should be used.
Example response from collect with an invalid orderRef
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"errorCode":"invalidParameters",
"details":"No such order"
}