Overview
The OFAuth API uses standard HTTP status codes with structured JSON error responses to provide clear, actionable feedback when things go wrong. This systematic approach helps developers quickly identify and resolve issues.Error Response Format
All API errors return a consistent JSON structure with three core fields:error: a human-readable description of what went wrongcode: a machine-readable identifier you can branch on in your clientdetails: optional contextual information such as the affected field
Error Response Fields
| Field | Type | Description |
|---|---|---|
error | string | Human-readable error message for developers |
code | string | Machine-readable error code for programmatic handling |
details | object | Additional context like field validation errors |
HTTP Status Codes
Success Codes
| Code | Description | When Used |
|---|---|---|
200 | OK | Request successful, data returned |
201 | Created | Resource successfully created |
204 | No Content | Request successful, no data to return |
Client Error Codes
| Code | Category | Description | Action Required |
|---|---|---|---|
400 | Client Error | Invalid request parameters | Fix request format/data |
401 | Client Error | Invalid/missing API key | Check authentication |
403 | Client Error | Insufficient permissions | Contact support |
404 | Client Error | Resource not found | Check endpoint URL |
422 | Client Error | Validation failed | Fix request data |
429 | Client Error | Rate limit exceeded | Wait and retry |
Server Error Codes
| Code | Category | Description | Action Required |
|---|---|---|---|
500 | Server Error | Internal server error | Retry or contact support |
502 | Server Error | Upstream service error | Retry or contact support |
503 | Server Error | Service unavailable | Check status page |
504 | Server Error | Gateway timeout | Retry with longer timeout |
Error Code Categories
Authentication Errors (AUTH_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
AUTH_INVALID_KEY | 401 | API key is invalid or malformed | Verify API key format and validity |
AUTH_KEY_EXPIRED | 401 | API key has expired | Generate new API key |
AUTH_INSUFFICIENT_SCOPE | 403 | API key lacks required permissions | Contact support for permission upgrade |
AUTH_CONNECTION_NOT_FOUND | 404 | Connection ID doesn’t exist | Re-authenticate user |
AUTH_SESSION_EXPIRED | 401 | User session has expired | Re-authenticate user |
Validation Errors (VALIDATION_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
VALIDATION_REQUIRED_FIELD | 422 | Required field missing | Add missing field to request |
VALIDATION_INVALID_FORMAT | 422 | Field format is incorrect | Fix field format |
VALIDATION_INVALID_VALUE | 422 | Field value is invalid | Use valid field value |
VALIDATION_FIELD_TOO_LONG | 422 | Field exceeds maximum length | Shorten field value |
Rate Limiting Errors (RATE_LIMIT_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
RATE_LIMIT_EXCEEDED | 429 | Request rate limit exceeded | Wait and retry with backoff |
RATE_LIMIT_QUOTA_EXCEEDED | 429 | Monthly quota exceeded | Upgrade plan or wait for reset |
Connection Errors (CONNECTION_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
CONNECTION_NOT_FOUND | 404 | Connection ID not found | Re-authenticate user |
CONNECTION_EXPIRED | 401 | Connection has expired | Re-authenticate user |
CONNECTION_INVALID_STATE | 400 | Connection in invalid state | Check connection status |
CONNECTION_LIMIT_EXCEEDED | 403 | Too many connections | Remove unused connections |
Upstream Errors (UPSTREAM_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
UPSTREAM_UNAVAILABLE | 502 | OnlyFans API unavailable | Retry after delay |
UPSTREAM_TIMEOUT | 504 | OnlyFans API timeout | Retry with longer timeout |
UPSTREAM_RATE_LIMITED | 429 | OnlyFans rate limit hit | Wait and retry |
UPSTREAM_INVALID_RESPONSE | 502 | Unexpected upstream response | Report to support |
Dynamic Rules Errors (RULES_*)
| Code | HTTP Status | Description | Resolution |
|---|---|---|---|
RULES_OUTDATED | 503 | Dynamic rules need updating | Wait and retry |
RULES_UNAVAILABLE | 503 | Rules service unavailable | Wait and retry |
RULES_INVALID_SIGNATURE | 401 | Request signature invalid | Update rules and regenerate signature |
Error Handling Examples
Basic Error Handling
Follow these practices when calling the API from client code:- Check
response.okbefore parsing the body and surface the HTTP status in your logs. - Parse the JSON payload and branch on
errorData.codeto determine the recovery path. - Redirect users to re-authentication when you receive connection or session errors.
- Respect the
X-RateLimit-Retry-Afterheader and pause before retrying rate-limited calls. - Bubble up unexpected errors so they can be reported to your monitoring stack.
Advanced Error Handler Class
Build a reusable error-handling helper so every request is treated consistently. The helper should:- Centralize logging of HTTP status codes, request identifiers, and the parsed error payload.
- Categorize errors (retryable, authentication, validation) to route them to the right recovery logic.
- Apply backoff to retryable errors and honour server-provided retry hints.
- Trigger re-authentication flows when connection or session errors are detected.
- Raise typed exceptions (for example
ApiError,AuthError,ValidationError) so downstream code can react precisely.
Validation Error Details
Validation errors include specific field information. Expectdetails.field to identify the problematic input, details.message to describe the issue, and details.value (when provided) to show what was rejected.
Handle validation errors with user-friendly messages by mapping the fields in details to UI controls, highlighting the inputs that need attention, and surfacing the descriptive message inline for the user.
Debugging Tips
Use Error Codes
Always check the
code field for programmatic error handlingLog Full Responses
Log complete error responses for debugging and support
Monitor Error Patterns
Track error frequency and types to identify issues
Test Error Scenarios
Test your error handling with intentional invalid requests
Error Monitoring
Implement error tracking for production applications by storing structured error metadata, tracking frequency per error code, sending alerts when thresholds are exceeded, and forwarding enriched events (timestamp, status, stack trace, and request context) to your monitoring platform.Common Error Scenarios
Authentication Issues
When you receive authentication or connection errors:- Inspect the response body for
CONNECTION_EXPIRED,AUTH_SESSION_EXPIRED, or related codes. - Inform the user that they must reconnect and send them through the hosted re-authentication flow.
- Clear cached credentials so the next attempt starts with a fresh session.
- Log the status, code, and affected connection ID for support follow-up.
Rate Limiting
Handle rate limits by adopting exponential backoff. Read theX-RateLimit-Retry-After header (it defaults to 60 seconds when missing), pause before the next attempt, and stop retrying once the maximum retry count has been reached. Track cumulative failures so you know when to surface a persistent outage to the user.