Errors

All endpoints share a consistent error payload shape. Use the outer message for coarse category, and the inner error.message for the detailed reason.

Error response format

CustomExceptionFilter

Typical structure for error responses.

error.json

{
  "success": false,
  "statusCode": 400,
  "message": "Forbidden",
  "error": {
    "message": "Access Denied"
  }
}

Common cases

403 Access Denied (missing headers)

`FingerprintMiddleware` and `PartnerMiddleware` return 403 if required headers are absent.

403.sh

# If the middleware can't find required headers,
# the API returns 403 Access Denied.
curl "<BASE_URL>/api/v1/cars" -H "client: <CLIENT_HASH>"