# Code and Formats source: https://developer.mastercard.com/identity-insights-for-transactions/documentation/code-and-formats/index.md ## Error Handling {#error-handling} ### Identity Insights for Transactions (IIT) API Error Codes {#identity-insights-for-transactions-iit-api-error-codes} The IIT API uses the standard HTTP response codes for success and failure notifications. Besides status codes in the 2XX range, errors are further classified by 4XX errors resulting from user-provided information. The table below describes each status code along with its description. | **HTTP Status Code** | **Description** | |----------------------|--------------------------------------| | 200 | Success | | 400 | Something was wrong with the request | | 401 | Unauthorized request | | 500 | Internal Server Error | | 503 | Transient System Failure | ### Error Structure {#error-structure} To ensure a consistent experience across all Mastercard APIs, the following structure is followed by the IIT API for each error scenario that can occur: ```json { "Errors": { "Error": [ { "Source": "", "ReasonCode": "", "Description": "", "Recoverable": true/false, "Details": "" } ] } } ``` ### Gateway Error Codes {#gateway-error-codes} Apart from the error codes returned by the IIT API, other error codes can be returned by the Mastercard gateway when it verifies the request's signature and routes it to the correct location. For further information about the other response codes returned by the gateway and their possible resolutions, see [Gateway Error Codes](https://developer.mastercard.com/platform/documentation/security-and-authentication/gateway-error-codes/). ### HTTP Error code response body {#http-error-code-response-body} If the HTTP response code 400 is returned, the response body provides additional details on the error. The table below describes the structure of errors in such a scenario. | **Name** | **Type** | **Description** | |-------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Errors | Object | The error response model used by all of the API endpoints. | | Error | Object | List of error objects. | | Source | String | Where the error occurred. | | ReasonCode | String | A code defining the error, as defined in the documentation. The following codes can be expected at the moment: VALIDATION_ERROR UNAUTHORIZED_REQUEST. | | Description | String | A description for this specific occurrence of the ReasonCode. | | Recoverable | Boolean | Whether or not retrying this request could result in a successful response. | | Details | String | More details of this specific error. This is an optional field and is sometimes used to give a more comprehensive description of the error that has occurred when required. | ### Error codes {#error-codes} For a complete list of IIT API specific error codes, refer to the following table. | **Reason Code** | **Description** | **Recoverable** | **HTTP Error code** | **Resolution Steps** | |-------------------------------|----------------------------------------------|-----------------|---------------------|--------------------------------------------------------------------| | VALIDATION_ERROR | Required Data Element Missing | false | 400 | Include the missing fields that are required for the request body. | | VALIDATION_ERROR | Invalid Format | false | 400 | Include the proper format required for the request body. | | DECRYPT_PRIVATE_KEY_NOT_FOUND | Encrypted PrivateKey configuration not found | false | 400 | Encrypted Private Key required to be configured | | UNAUTHORIZED_REQUEST | Unauthorized request | false | 401 | An error occurs when we do not have access to the service. | | Transient System Failure | System failure | true | 503 | Service unavailable. Wait for some time and try again. |