Errors

The MyPreferences API responds with appropriate HTTP error statuses with enough information to identify and fix the issue. In addition to the authorization failures, review the help documentation for the specific API's for handling errors by implementing a common and reliable error-handling framework. 

401 - Authorization Errors

When a request is rejected due to an authorization failure, the HTTP Status Code 401- Unauthorized is returned with a detailed error description in the body. Here are some of the examples:

The scheme is invalid

This error occurs when authorization scheme is invalid. For example, if the scheme PNAUTHINFO100-SHA256 was sent, the request would be rejected as there is no PNAUTHINFO100 scheme.

The specified date does not match an expected ISO 8601 format

This error occurs when the Issued Timestamp is either not in the expected ISO 8601 encoded format or the date is set in the future. Requests with future dates will be rejected.

The difference between the issued timestamp and the current time is too large

This error occurs when the authorization request has expired. For example, if the expiration window is 60 seconds and the current time is 2015-08-13T12:35:00 and the Issued Timestamp is 2015-08-13T07:00:00. In this case the authorization request has expired and will be rejected.

Missing Authorization Header

This error occurs when a request is sent without an authorization header field.

Unable to authenticate request

This is a generic authorization failure that can be caused by any of the following conditions:

• The authorization field header is incomplete or missing parameters.
• The generated signature does not match the fields defined by the authorization scheme.
• The UserId does not match any known users for the supplied ClientId.

 
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.0
WWW-Authenticate: PNAUTHINFO3 realm="https://pm.mypreferences.com"
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcZGV2XE15UHJlZmVyZW5jZXNcU291cmNlXFdlYlxNeVByZWZlcmVuY2VzLlJFU1RcTXlQcmVmZXJlbmNlcy5SRVNUXGFwaVwzXFBOTzRXXFByb2dyYW1z?=
X-Powered-By: ASP.NET
Date: Fri, 14 Aug 2015 21:22:27 GMT
Content-Length: 68
{"Message":"Invalid Authorization Header: The scheme is invalid.  The scheme should contain either PNAUTHINFO3- or PNAUTHINFO3-HMAC-.  For example: PNAUTHINFO3-HMAC-SHA265."}

404 - Resource Not Found

A 404 - Resource Not Found status code is returned when you access a URL or a resource that is invalid or currently unavailable. Additionally, this status code is also returned when the ClientId specified in your request is invalid or not found. Please note that this failed request will not supply a message in the body.

 
HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcZGV2XE15UHJlZmVyZW5jZXNcU291cmNlXFdlYlxNeVByZWZlcmVuY2VzLlJFU1RcTXlQcmVmZXJlbmNlcy5SRVNUXGFwaVwzXEFDb21wYW55XFByb2dyYW1z?=
X-Powered-By: ASP.NET
Date: Mon, 17 Aug 2015 17:05:39 GMT
Content-Length: 0