LdapAuth error codes

LdapAuth returns an error code with a message if the JSON-RPC 2.0 request failed for some reason.

The error codes fall into three ranges according to their category:

Range Type
-2000 .. -2099 User authentication and provisioning exceptions, such as LDAP directory exceptions.
-31100 .. -31199 Access denied messages, such as access denied due to a blocked client IP address.
-32000 .. -32768 Standard JSON-RPC 2.0 protocol errors. These are codes reserved by the RPC protocol to indicate errors such as badly formatted JSON-RPC 2.0 requests or invalid method parameters.

Here is an example JSON-RPC 2.0 response that reports an -2000 error:

{ "error"   : { "message" : "Bad username/password",
                "code"    : -2000 },
  "id"      : "0001",
  "jsonrpc" : "2.0" }

The exact format of error responses is described in the JSON-RPC 2.0 specification.

LdapAuth keeps error messages deliberately concise. To obtain more information about the cause of an error examine the LdapAuth log file (logging must be enabled at INFO level).

User authentication and provisioning exceptions

This section lists JSON-RPC 2.0 errors indicating user authentication and attribute provisioning exceptions, such as LDAP directory exceptions.

Code Message
-2000 Bad username/password
-2010 "user.auth" requests denied
-2011 "user.authGet" requests denied
-2012 "user.get" requests denied
-2013 "user.resolveDN" requests denied
-2020 Json2Ldap/LDAP connection retrieval denied
-2030 Json2Ldap/LDAP connection retrieval not supported by backend
-2031 User DN resolution not supported/configured
-2032 User attributes retrieval not supported/configured
-2033 Directory connector stats not supported
-2040 LDAP/Json2Ldap backend service exception

Access denied messages

This section lists JSON-RPC 2.0 errors indicating the client was denied access to LdapAuth, e.g. due to a blocked client IP address.

Code Message
-31100 Requests must be sent over HTTPS
-31105 Client IP address denied access
-31110 Trusted client X.509 certificate required
-31111 Invalid client X.509 certificate principal DN
-31112 Client X.509 certificate principal denied
-31120 API key filter requires named JSON-RPC 2.0 parameters
-31121 Missing API key
-31123 API key denied access

JSON-RPC 2.0 specific errors

Errors with codes between -32000 and -32768 are reserved by the JSON-RPC 2.0 specification to indicate a general protocol exception.

Code Message
-32700 JSON parse error
-32600 Invalid request
-32601 Method not found
-32602 Invalid parameters
-32603 Internal error