When a request that you send to Workload Security contains errors, the response includes information that you can use to identify the problem:
- When you use the API directly with software like Postman or cURL, you can recognize errors by the status code of the response and the error message in the response body.
To better troubleshoot the error responses, you should understand the types of errors that can occur and some common causes.
Obtain error information
# Create a PoliciesApi object policies_api = api.PoliciesApi(api.ApiClient(configuration)) # List policies using version v1 of the API policies_list = policies_api.list_policies(api_version) # View the list of policies return policies_list
For Postman or cURL, the error message is displayed when you receive the response.
Authentication errors result in a response message of
Invalid API Key. For Postman and cURL users, this error is associated with a
401 status code. The following circumstances commonly cause this error:
- The secret key used to authenticate the request is typed incorrectly
- The API key used to authenticate the request has been deleted
Authorization errors occur when an API key is not permitted to perform an action or access a resource. These errors result in a response message in the form of
Not authorized to <action> <resource type>, for example,
Not authorized to delete computers. For Postman and cURL users, this error is associated with a
403 status code. The following circumstances commonly cause this error:
- The role that is assigned to the API key does not have access rights for the resource, the operation, or both.
- The API key is locked out.
- The API key has expired.
Resource not found errors
Resource not found errors occur when a request is made to perform an action on a specific resource and the resource is not found. These errors result in a response message in the form of
The <resource> does not exist, for example,
The policy does not exist. For Postman and cURL users, this error is associated with a
404 status code. The following circumstances commonly cause this error:
- The ID used to identify the resource is incorrect.
- The resource has been deleted.
Bad request errors
Bad request errors occur when the request does not conform to the format or syntax that Workload Security expects, or you attempt to perform a task that Workload Security does not allow. The message is specific to the circumstances that caused the error, which are varied:
- An object that is used as a parameter is not valid. For example, when creating a role and the provided
Roleobject that does not have the
nameproperty set results in the error message
Role Name cannot be blank.
- (Postman or cURL) A required header is missing, or the header name is mis-typed. For example, a mis-typed
api-versionheader results in the error message
Missing 'api-version' request header. Please set this header with the a value of a supported API version.
- An incorrect value for the API version. For example, the use of
1as the API version results in the error message
Invalid 'api-version' request header. Please make sure this header starts with 'v' followed by a number. E.g. v1.
- You attempt to unassign a rule that has a dependent rule, which Workload Security does not allow. For example, an attempt to unassign the Intrusion Prevention rule named HTTP Protocol Decoding from a policy results in the error message
Intrusion Prevention Rule 5341 could not be removed because Rule 8401 depends on Rule 5341.
For Postman and cURL users, this error is associated with a
400 status code.
Check SDK compatibility
Errors can occur if the SDK that you are using is not compatible with Workload Security, or when you use a newer version of the SDK to run scripts that were developed with an older version of the SDK. For more information, see the SDK Version Compatibility guide.