Dfns API Documentation
  • 👋Welcome
  • Getting Started
    • Onboarding to Dfns
    • Dfns Environments
    • Core API Objects
    • Supported Assets
    • Postman
    • Dfns SDKs
    • Dashboard Videos
  • API Docs
    • Introduction
    • Authentication
      • Delegated Authentication
        • Delegated Registration
        • Delegated Registration Restart
        • Delegated Login
      • User Action Signing
        • Create User Action Signature Challenge
        • Create User Action Signature
      • Registration
        • Create User Registration Challenge
        • Complete User Registration
        • Complete End User Registration with Wallets
        • Resend Registration Code
        • Social Registration
      • Login
        • Create User Login Challenge
        • Complete User Login
        • Social Login
        • Logout
        • Send Login Code
      • Users
        • List Users
        • Create User
        • Get User
        • Activate User
        • Deactivate User
        • Archive User
      • Service Accounts
        • List Service Accounts
        • Create Service Account
        • Get Service Account
        • Update Service Account
        • Activate Service Account
        • Deactivate Service Account
        • Archive Service Account
      • Applications
        • List Applications
        • Create Application
        • Create Server-Signed Application
        • Get Application
        • Update Application
        • Activate Application
        • Deactivate Application
        • Archive Application
      • Personal Access Tokens
        • List Personal Access Tokens
        • Create Personal Access Token
        • Get Personal Access Token
        • Update Personal Access Token
        • Activate Personal Access Token
        • Deactivate Personal Access Token
        • Archive Personal Access Token
      • Credentials
        • Credentials Overview
        • API Reference
          • Create Credential Code
          • Create Credential Challenge
          • Create Credential Challenge With Code
          • Create Credential
          • Create Credential With Code
          • Deactivate Credential
          • Activate Credential
          • List Credentials
      • Recovery
        • Send Recovery Code Email
        • Create Recovery Challenge
        • Create Delegated Recovery Challenge
        • Recover User
    • Wallets
      • Create Wallet
      • Update Wallet
      • Delegate Wallet
      • Get Wallet by ID
      • List Wallets
      • Get Wallet Assets
      • Get Wallet NFTs
      • Get Wallet History
      • Tag Wallet
      • Untag Wallet
      • Transfer Asset from Wallet
      • Get Wallet Transfer Request by ID
      • List Wallet Transfer Requests
      • Sign and Broadcast Transaction from Wallet
        • Algorand: Broadcast Transaction
        • Bitcoin/Litecoin: Broadcast Transaction
        • Cardano: Broadcast Transaction
        • EVM: Broadcast Transaction
        • Polkadot: Broadcast Transaction
        • Solana: Broadcast Transaction
        • Stellar: Broadcast Transaction
        • Tezos: Broadcast Transaction
        • TRON: Broadcast Transaction
        • XRP Ledger (aka Ripple): Broadcast Transaction
      • Get Wallet Transaction Request by ID
      • List Wallet Transaction Requests
      • Generate Signature from Wallet
        • Algorand: Generate Signature
        • Aptos: Generate Signature
        • Bitcoin/Litecoin: Generate Signature
        • Cardano: Generate Signature
        • Cosmos Appchain: Generate Signature
        • EVM: Generate Signature
        • Polkadot: Generate Signature
        • Solana: Generate Signature
        • Stellar: Generate Signature
        • Tezos: Generate Signature
        • TRON: Generate Signature
        • TON: Generate Signature
        • XRP Ledger (aka Ripple): Generate Signature
        • Pseudo Networks (All other chains): Generate Signature
      • Get Wallet Signature Request by ID
      • List Wallet Signature Requests
      • Advanced Wallet APIs
        • Import Wallet
        • Export Wallet
    • Networks
      • Estimate fees
      • Read Contract
    • Policy Engine
      • Policies Overview
      • API Reference
        • Create Policy
        • Get Policy
        • List Policies
        • Update Policy
        • Archive Policy
        • Get Approval
        • List Approvals
        • Create Approval Decision
    • Permissions
      • Permissions Overview
      • API Reference
        • Get Permission
        • List Permissions
        • Create Permission
        • Update Permission
        • Archive Permission
        • Assign Permission
        • Revoke Permission
        • List Permission Assignments
    • Webhooks
      • Create Webhook
      • Get Webhook
      • List Webhooks
      • Update Webhook
      • Delete Webhook
      • Ping Webhook
      • Get Webhook Event
      • List Webhook Events
    • Dfns Change Log
    • API Errors
  • Integrations
    • Exchanges
      • Exchange Configuration
        • Kraken Setup
        • Binance Setup
        • Coinbase Prime Setup
      • API Reference
        • Create Exchange
        • List Exchanges
        • Get Exchange
        • Delete Exchange
        • List Exchange Accounts
        • List Exchange Account Assets
        • Create Exchange Deposit
        • Create Exchange Withdrawal
    • AML / KYT
      • Chainalysis
    • Staking
      • API Reference
        • Create Stake
        • Create Stake Action
        • List Stakes
        • List Stake Actions
        • get Rewards
    • Fiat On/Off-Ramps
    • Account Abstraction on EVMs
  • Advanced Topics
    • Authentication
      • API Authentication
      • Request Headers
      • Credentials
        • Generate a Key Pair
        • User Credentials
        • Access Token Credentials
        • Storing WebAuthn Credentials in Password Managers
      • Request Signing
      • API objects
    • Delegated Signing
    • API Idempotency
    • FAQ
  • Guides
    • Passkey Settings - Migration guide
Powered by GitBook
On this page
  • Common Errors
  • 400 - Bad Request
  • 401 - Unauthorized
  • 403 - Forbidden
  • 500 - Internal Server Error
  • Application Management Errors
  • 400 - Bad Request
  • 404 - Not Found
  • Credential Management Errors
  • Delegated Authentication Errors
  • 400 - Bad Request
  • 401 - Unauthorized
  • User Login Errors
  • 400 - Bad Request
  • 401 - Unauthorized
  • 403 - Forbidden
  • Personal Access Token Management Errors
  • User Registration Errors
  • 400 - Bad Request
  • 401 - Unauthorized
  • Service Account Management Errors
  • User Action Signing Errors
  • 400 - Bad Request
  • 401 - Unauthorized
  • User Management Errors
  • User Recovery Errors
  • 401 - Unauthorized
  1. API Docs

API Errors

Common Errors

400 - Bad Request

Nonce header is missing or invalid

All requests need to include an X-DFNS-NONCE header. See Request Headers for more information.

{
  "error": {
    "message": "request nonce is missing or invalid",
  }
}
Nonce already used

The nonce specified in X-DFNS-NONCE was already used. The nonce should be uniquely generated for every request.

{
  "error": {
    "message": "request nonce has already been used"
  }
}
User Action Signature already used

The User Action Signature specified in X-DFNS-USERACTION was already used. User action signatures can only be used once.

{
  "error": {
    "message": "user action has already been used"
  }
}

401 - Unauthorized

Caller not authenticated

All requests to an authenticated endpoint need to include a JWT in the Authentication header. See Request Headers for more information.

{
  "error": {
    "message": "user token is missing or invalid"
  }
}

403 - Forbidden

Caller not authenticated

Caller does not have access to the resource or endpoint

{
  "error": {
    "message": "CustomerEmployee us-24vwa-92s33-8tvqi1dg0a95megt is not authorized to perform operation (Auth:Apps:Update)"
  }
}
User Action Signature missing or invalid

Mutating requests need to include a valid User Action Signature in the X-DFNS-USERACTION header. See User Action Signing for more information.

{
  "error": {
    "message": "user action signature is missing or invalid"
  }
}

500 - Internal Server Error

Internal Server Error

This is an unexpected error. Please try your request again. If the call continues to fail, please contact support.

{
  "error": {
    "message": "Internal Server Error"
  }
}

Application Management Errors

Errors specific to the Application Management endpoints.

400 - Bad Request

Application cannot modify its own state

The application being deactivated needs to be different then the application specified in X-DFNS-APPID.

{
  "error": {
    "message": "application cannot modify its own state"
  }
}

404 - Not Found

Application not found

The specified application does not exist in the database.

{
  "error": {
    "message": "application not found"
  }
}

Credential Management Errors

Errors specific to the Credential Management endpoints.

Delegated Authentication Errors

Errors specific to the Delegated Authentication endpoints.

400 - Bad Request

User account has been deactivated

The user is deactivated

{
  "error": {
    "message": "User account has been deactivated."
  }
}

401 - Unauthorized

User not found

The user cannot be found in the system

{
  "error": {
    "message": "User not found"
  }
}

User Login Errors

Errors specific to the User Login endpoints.

400 - Bad Request

User account has been deactivated

The user is deactivated

{
  "error": {
    "message": "User account has been deactivated."
  }
}

401 - Unauthorized

User not found

The user cannot be found in the system

{
  "error": {
    "message": "User not found"
  }
}
User does not have a credential that can be used for the application

There is no valid credential for the user for this application

{
  "error": {
    "message": "User does not have a credential that can be used for the application."
  }
}

403 - Forbidden

Invalid code

The One Time Code provided is invalid

{
  "error": {
    "message": "Invalid code"
  }
}

Personal Access Token Management Errors

Errors specific to the Personal Access Token Management endpoints.

User Registration Errors

Errors specific to the User Registration endpoints.

400 - Bad Request

Registration code expired

The registration code being used is expired.

{
  "error": {
    "message": "Registration code expired"
  }
}

401 - Unauthorized

User already exists

The username used already exists in the system.

{
  "error": {
    "message": "User already exists."
  }
}

Service Account Management Errors

Errors specific to the Service Account Management endpoints.

User Action Signing Errors

Errors specific to the User Action Signing endpoints.

400 - Bad Request

User account has been deactivated

The user is deactivated

{
  "error": {
    "message": "User account has been deactivated."
  }
}
Challenge token is not valid

The token being used is not valid

{
  "error": {
    "message": "Challenge token is not valid."
  }
}

401 - Unauthorized

User not found

The user cannot be found in the system

{
  "error": {
    "message": "User not found"
  }
}
User does not have a credential that can be used for the application

There is no valid credential for the user for this application

{
  "error": {
    "message": "User does not have a credential that can be used for the application."
  }
}

User Management Errors

Errors specific to the User Management endpoints.

User Recovery Errors

Errors specific to the User Recovery endpoints.

401 - Unauthorized

Credential cannot be used as a recovery factor

The credential being used is not a recovery credential

{
  "error": {
    "message": "Credential cannot be used as a recovery factor."
  }
}

Last updated 1 month ago