If an error occurs, the API will respond with the appropriate HTTP status code and an error message object which contains an error code and a humanly readable message.

List of error codes

Error code	HTTP status code	Meaning
`bad_request`	`400 Bad Request`	The request was malformed.
`invalid_<parameter>`	`400 Bad Request`	The request was malformed. The query parameter parameter contains an invalid value.
`unauthorized`	`401 Unauthorized`	Invalid credentials were used to authenticate the request.
`permission_denied`	`403 Forbidden`	Permission to the requested resource was denied. This often means that a request should have been authenticated but was not.
`insufficient_permissions`	`403 Forbidden`	The authentication used does not have the required permissions to access the requested resource. Make sure the authentication was performed with the necessary scope.
`not_purchased`	`403 Forbidden`	The premium resource you’re trying to access has not been purchased by the authenticated user.
`not_found`	`404 Not Found`	The requested resource does not exist or is not publicly available.
`rate_limit_exceeded`	`429 Too Many Requests`	API request rate limit exceeded.

Known CORS issues

Sometimes calling the API from a browser fails during the CORS preflight request:
Reponse to preflight request doesn't pass access control check: It does not have HTTP ok status.

This can be solved by supplying Authorization header to the CORS preflight request.