Skip to main content
All errors share the same response shape:
{
  "success": false,
  "code": "engine_not_deployed",
  "message": "Engine for slug 'acme-usdc-base' is still pending_deploy"
}
code is a stable machine-readable string — switch on it in your code. message is human-readable and may change wording over time, do not parse it.

HTTP status code mapping

HTTPMeaning
200Success — success: true, payload in data
400Validation error — request shape or parameter invalid
401Missing or invalid X-Api-Key
403Key valid but lacks permission for this resource (typically wrong partner)
404Slug or resource not found
409Idempotency conflict (webhooks only)
429Rate limit exceeded — see Retry-After header
5xxInternal error — safe to retry with exponential backoff

Error codes

Authentication & rate-limiting

CodeHTTPWhenRemediation
missing_api_key401X-Api-Key header absentAdd header
invalid_api_key401Header present but key not recognizedCheck key, regenerate in Portal
revoked_api_key401Key was revokedIssue a new key
rate_limited429Per-key request budget exceededHonor Retry-After, then retry

Product / slug

CodeHTTPWhenRemediation
not_found404Slug does not existCheck spelling against GET /products
not_owned403Slug exists but belongs to a different partnerUse a slug returned by your own GET /products
engine_not_deployed409Product is still in pending_deploy statusWait for status to flip to active (typically under 5 min); webhook product.deployed fires when ready
product_paused503Product status is pausedDon’t surface a deposit CTA; poll /health for resume
product_deprecated410Product is deprecated — withdrawals onlyHide deposit, allow redeem

Position / address

CodeHTTPWhenRemediation
invalid_address400Address is not a 42-char 0x-prefixed hex stringValidate before submitting
chain_not_supported400Address is checksum-mismatched or product chain doesn’t support address formatUse the chain_id from the product response

Yield calc / fee stats

CodeHTTPWhenRemediation
invalid_amount400amount non-numeric, ≤ 0, or above 2^256Validate before sending
range_too_large400start_date/end_date span > 365 daysSplit into multiple requests
invalid_days400days not one of 7, 30, 180Use a supported value

Webhooks (inbound — partner → Barker)

CodeHTTPWhenRemediation
signature_mismatch401HMAC verification failedCheck the inbound secret; ensure you signed the raw body
missing_idempotency_key400Idempotency-Key header absentAdd header
unknown_event400event_type not in the allowlistSee Webhooks → event types
idempotency_replay200Same key seen before — returned with duplicate: trueNo action; this is a successful no-op

Server-side

CodeHTTPWhenRemediation
internal_error500Unexpected server errorRetry with exponential backoff (start at 1s, max 5 attempts)
chain_rpc_unavailable503Upstream RPC down — affects /position, /healthShow cached value if available; surface “live data temporarily unavailable”; retry after 30s

Retry policy

StatusShould you retry?Strategy
4xx (except 429)No — request is invalid, retrying won’t helpSurface to user / fix code
429YesHonor Retry-After; if absent, exponential backoff starting at 2s
5xxYesExponential backoff: 1s, 2s, 4s, 8s, 16s; cap at 5 attempts
Idempotency: all GET endpoints are idempotent and safe to retry. The inbound webhook endpoint is idempotent via the Idempotency-Key header.

What’s next

  • Rate limits — per-key budgets and Retry-After semantics
  • Webhooks — inbound and outbound event handling