Errors

The GovernLayer API uses conventional HTTP status codes to indicate success or failure. Errors include a JSON body with detail explaining what went wrong.

Status codes

  • Name
    200 OK
    Description

    Request succeeded. Response body contains the result.

  • Name
    201 Created
    Description

    Resource created successfully (e.g., new compliance program).

  • Name
    400 Bad Request
    Description

    Invalid request body or missing required fields.

  • Name
    401 Unauthorized
    Description

    Missing or invalid API key / JWT token.

  • Name
    403 Forbidden
    Description

    Valid credentials but insufficient scope for this endpoint.

  • Name
    404 Not Found
    Description

    The requested resource does not exist.

  • Name
    422 Validation Error
    Description

    Request body failed schema validation. Check the detail array for specifics.

  • Name
    429 Too Many Requests
    Description

    Rate limit exceeded. Check the Retry-After header.

  • Name
    500 Internal Server Error
    Description

    Something went wrong on our end. Contact support if this persists.

Error response format

All error responses follow a consistent JSON structure:

  • Name
    detail
    Type
    string | array
    Description

    Human-readable error message, or an array of validation errors.

  • Name
    status_code
    Type
    integer
    Description

    The HTTP status code.

Validation error (422)

{
  "detail": [
    {
      "loc": ["body", "system_name"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}

Authentication error (401)

{
  "detail": "Invalid or missing API key"
}

Rate limit error (429)

{
  "detail": "Rate limit exceeded. 100 requests per minute allowed.",
  "retry_after": 32
}

Was this page helpful?