If an error occurs during a request, the API returns an HTTP status code >=400 and provides more
information in the response-body.
Error Object Structure
| Field | Description |
|---|---|
code | Numeric representation of the error. See Error Codes. |
data | Additional error information (validation information and other details) |
description | Short summary |
group | The group to which this error is associated to. See Error Codes. |
message | Original message of the bank (only in task errors) |
Examples:
{
"error": {
"code": 1000,
"data": {
"bank_code": ["Not a valid string."],
"credentials": ["Credentials must contain at least 2 strings."]
},
"description": "Request body doesn't match input schema.",
"group": "client"
}
}
{
"error": {
"code": 1002,
"data": {},
"description": "Not Found",
"group": "client",
}
}
Error Codes
Error codes are grouped in ranges
| Range | Group |
|---|---|
1000 - 1999 | client |
10000 - 19999 | user |
20000 - 29999 | bank |
30000 - 39999 | general |
40000 - 49999 | connectivity |
50000 - 59999 | categorization |
whereas each code has the following meaning
| Code | Group | Description |
|---|---|---|
1000 | client | Invalid request |
1001 | client | Entry already exists |
1002 | client | Entity not found |
1003 | client | Unauthorized |
1004 | client | Invalid client authorization |
1005 | client | Payment already processed |
1006 | client | Unprocessable entity |
1007 | client | Forbidden |
1008 | client | Resource busy |
1010 | client | User locked |
1011 | client | Login credentials are incomplete or malformed |
1020 | client | Maximum number of account synchronizations exceeded |
1021 | client | PSU IP is required |
10000 | user | Login credentials are invalid |
10001 | user | PIN is invalid |
10002 | user | Online access is blocked |
10003 | user | TAN scheme not activated |
10004 | user | TAN is invalid |
10005 | user | No authorization for this account |
10006 | user | Transaction rejected |
10007 | user | PIN change necessary |
10008 | user | No authorization for this business transaction |
10009 | user | HBCI activation necessary |
10010 | user | Account is blocked |
10011 | user | Account no longer exists |
10012 | user | TAN scheme is blocked |
10013 | user | Status of transaction inconclusive |
10014 | user | Account not activated for online banking |
10015 | user | Redundant submissions |
10016 | user | Invalid OTP |
10017 | user | Invalid consent configuration |
11000 | user | Generic user error |
20000 | bank | Processing at the bank not possible |
20001 | bank | Bank / account unknown |
20002 | bank | Transaction canceled |
20003 | bank | Maintenance |
20004 | bank | Technical migration |
20005 | bank | Transaction not possible |
20006 | bank | Login not possible |
20007 | bank | Pop up |
30000 | general | Processing at finX not possible |
30005 | general | Task is expired |
30006 | general | Service temporarily not available |
40000 | general | Bank not supported |
40001 | general | Direct access upgrade |
40002 | general | Multi-access upgrade |
40003 | general | Partial access upgrade |
Resource locked
With ongoing improvements on our system, at any point, a resource might return the HTTP status code 423 and the error code 1008. Your application should implement a retry logic with incremental backoff in the realm of seconds and up to minutes.
The most likely scenario where this happens is after a version change that requires data migration. The first request to an unmigrated user would then trigger such a response, consecutive calls might return 423 until migration is done.