Error Handling
GitScrum API error codes and responses. Handle validation errors, authentication failures, and server errors.
REST API — All endpoints require authentication via Bearer token. IncludeAuthorization: Bearer {token}in every request. Tokens are managed in GitScrum Settings → API. Base URL:https://services.gitscrum.com— All request paths in this documentation are relative to this base URL.
The GitScrum API uses standard HTTP status codes and returns structured JSON error responses.
HTTP status codes
| Code | Meaning | Description |
|---|---|---|
200 | Success | Request completed successfully |
201 | Created | Resource created successfully |
204 | No Content | Resource deleted successfully |
400 | Bad Request | Malformed request or missing parameters |
401 | Unauthorized | Missing or invalid authentication token |
403 | Forbidden | Authenticated but insufficient permissions |
404 | Not Found | Resource does not exist |
422 | Validation Error | Request body failed validation rules |
429 | Rate Limited | Too many requests — see Rate Limits |
500 | Server Error | Internal server error |
Error response format
All error responses follow a consistent structure:
{
"error": "Not Found",
"message": "The requested resource was not found."
}Validation errors (422)
Validation errors include field-level details:
{
"error": "Validation Error",
"message": "The given data was invalid.",
"errors": {
"title": ["The title field is required."],
"company_slug": ["The selected company slug is invalid."]
}
}Each key in the errors object corresponds to a request field, and the value is an array of validation messages.
Authentication errors (401)
{
"error": "Unauthorized",
"message": "Invalid or expired token"
}Verify your token is valid and included in the Authorization header. See Authentication.
Permission errors (403)
{
"error": "Forbidden",
"message": "You do not have permission to perform this action."
}Check that your account has the required role for the workspace or project.
Best practices
- Check status codes — Always inspect the HTTP status code before parsing the response body.
- Handle retries — Retry
429and5xxerrors with exponential backoff. Do not retry4xxclient errors. - Log errors — Capture the full error response (status, message, errors object) for debugging.
- Validate locally — Validate required fields before sending requests to avoid unnecessary
422responses. - Display messages — Use the
messagefield to display user-friendly error feedback.