Skip to main content

Overview

The OFAuth API uses standard HTTP status codes with structured JSON error responses to provide clear, actionable feedback when things go wrong.

Error Response Format

All API errors return a consistent JSON structure: 
{
  "error": "Human-readable error message",
  "type": "ERROR_TYPE",
  "requestId": "req_abc123",
  "actionRequired": "refresh_session"
}

Error Response Fields

FieldTypeDescription
errorstringHuman-readable error message for developers
typestringMachine-readable error type for programmatic handling
requestIdstringUnique request identifier for debugging and support
actionRequiredstringOptional hint for how to resolve the error

HTTP Status Codes

Success Codes

CodeDescriptionWhen Used
200OKRequest successful, data returned
201CreatedResource successfully created
204No ContentRequest successful, no data to return

Client Error Codes

CodeDescriptionAction Required
400Bad requestFix request format/data
401Session expired or invalidRe-authenticate user
404Route or resource not foundCheck endpoint URL
429Rate limit exceededWait and retry

Server Error Codes

CodeDescriptionAction Required
500Unknown errorRetry or contact support
502Proxy errorRetry after delay
503Network errorRetry after delay

Error Types

The type field in error responses will be one of the following:
TypeHTTP StatusDescriptionAction Required
UNAUTHORIZED401Missing or invalid API keyCheck API key
SESSION_NOT_PROVIDED401Connection not found or missing session dataRe-authenticate user via Link
SESSION_EXPIRED401User session has expiredRe-authenticate user via Link
FORBIDDEN403Insufficient permissionsCheck connection permissions
RULES_OUTDATED401Dynamic rules need updatingRetry—OFAuth handles this automatically
BAD_REQUEST400Invalid request parametersFix request format/data
RESOURCE_NOT_FOUND404Requested resource not foundCheck resource ID
ROUTE_NOT_FOUND404Endpoint path not foundCheck endpoint URL
RATE_LIMIT_EXCEEDED429Request rate limit exceededWait and retry with backoff
UPLOAD_ERROR502Media upload failedRetry upload
UNKNOWN_ERROR500/503Unexpected or temporary errorRetry or contact support

Action Required Hints

Some errors include an actionRequired field suggesting how to resolve the issue:
ActionDescription
relink_connectionConnection expired—user needs to re-authenticate via Link
verify_identityID verification required—prompt user to complete verification on OnlyFans
refresh_rulesDynamic rules are outdated (retry automatically)
try_againTransient error—retry the request

Rate Limiting

When you hit a rate limit, the response includes:
  • HTTP Status: 429
  • Retry-After header: Seconds to wait before retrying
{
  "error": "Rate limit exceeded, please wait a few seconds before trying again",
  "type": "RATE_LIMIT_EXCEEDED",
  "requestId": "req_abc123"
}

Handling Rate Limits

  1. Check for 429 status code
  2. Read the Retry-After header (defaults to 60 seconds if missing)
  3. Wait the specified duration before retrying
  4. Implement exponential backoff for repeated failures

Common Error Scenarios

Session Expired

When a user’s OnlyFans session expires: 
{
  "error": "Connection expired",
  "type": "SESSION_EXPIRED",
  "actionRequired": "relink_connection",
  "requestId": "req_abc123"
}
Resolution: Redirect the user through the Link flow to re-authenticate.

Connection Not Found

When a connection ID doesn’t exist or has no session data: 
{
  "error": "Connection not found",
  "type": "SESSION_NOT_PROVIDED",
  "requestId": "req_abc123"
}
Resolution: The connection may have been deleted or never completed. Create a new Link session for the user.

Service Unavailable

When there’s a temporary issue: 
{
  "error": "Service temporarily unavailable",
  "type": "UNKNOWN_ERROR",
  "actionRequired": "try_again",
  "requestId": "req_abc123"
}
Resolution: Retry the request after a short delay. These errors are typically transient.

Error Handling Best Practices

Check the type field

Branch on the type field for programmatic handling, not the error message

Log requestId

Include requestId in logs and support requests for debugging

Handle session errors

Watch for SESSION_EXPIRED and SESSION_NOT_PROVIDED to trigger re-auth flows

Implement retries

Use exponential backoff for PROXY_ERROR, NETWORK_ERROR, and rate limits

Example Error Handler

async function handleOFAuthRequest(response: Response) {
  if (!response.ok) {
    const error = await response.json();
    
    switch (error.type) {
      case 'SESSION_EXPIRED':
      case 'SESSION_NOT_PROVIDED':
        // Redirect user to re-authenticate
        return redirectToLink(userId);
      
      case 'RATE_LIMIT_EXCEEDED':
        const retryAfter = response.headers.get('Retry-After') || '60';
        await sleep(parseInt(retryAfter) * 1000);
        return retry();
      
      case 'PROXY_ERROR':
      case 'NETWORK_ERROR':
        // Retry with backoff
        await sleep(1000);
        return retry();
      
      default:
        console.error('OFAuth error:', error.type, error.error, error.requestId);
        throw new Error(error.error);
    }
  }
  
  return response.json();
}

Next Steps

Rate Limiting

Token bucket system and backoff strategies

Access API

Using the Access API

Webhooks

Get notified of connection status changes