Edit in GitHubLog an issue

Status codes and REST responses

Each web API call returns a HTTP status code and a response payload. When an error occurs, the response body also returns an error message.

HTTP status codes

Each web API call returns an HTTP status code that reflects the result of a request:

HTTP codeMeaningDescription
200
Success
The framework returns HTTP 200 to the caller upon success.
400
Bad Request
If service implementation throws either Magento_Service_Exception or its derivative, the framework returns a HTTP 400 with a error response including the service-specific error code and message. This error code could indicate a problem such as a missing required parameter or the supplied data didn't pass validation.
401
Unauthorized
The caller was not authorized to perform the request. For example, the request included an invalid token or a user with customer permissions attempted to access an object that requires administrator permissions.
403
Forbidden
Access is not allowed for reasons that are not covered by error code 401.
404
Not found
The specified REST endpoint does not exist. The caller can try again.
405
Not allowed
A request was made of a resource using a method that is not supported by that resource. For example, using GET on a form which requires data to be presented via POST, or using PUT on a read-only resource.
406
Not acceptable
The requested resource is only capable of generating content that is not acceptable according to the Accept headers sent in the request.
500
System Errors
If service implementation throws any other exception like network errors, database communication, framework returns HTTP 500.

Response payload

POST, PUT, and GET web API calls return a response payload. This payload is a JSON- or XML-formatted response body. The Accept: application/<FORMAT> header in the request determines the format of the response body, where FORMAT is either json or xml.

A successful DELETE call returns true. An unsuccessful DELETE call returns a payload similar to the other calls.

The response payload depends on the call. For example, a GET /V1/customers/:customerId call returns the following payload:

Copied to your clipboard
{
"customers": {
"customer": {
"email": "user@example.com",
"firstname": "John",
"lastname": "Doe"
},
"addresses": [
{
"defaultShipping": true,
"defaultBilling": true,
"firstname": "John",
"lastname": "Doe",
"region": {
"regionCode": "CA",
"region": "California",
"regionId": 12
},
"postcode": "90001",
"street": ["Zoe Ave"],
"city": "Los Angeles",
"telephone": "555-000-00-00",
"countryId": "US"
}
]
}
}

This JSON-formatted response body includes a customer object with the customer email, first name, and last name, and customer address information. The information in this response body shows account information for the specified customer.

Error format

When an error occurs, the response body contains an error code, error message, and optional parameters.

PartDescription
code
The status code representing the error.
message
The message explaining the error.
parameters
Optional. An array of attributes used to generate a different and/or localized error message for the client.

As an example, the application returns a code of 400 and the following message when an invalid sku value is specified in the call PUT V1/products/:sku.

Copied to your clipboard
{
"message": "Invalid product data: %1",
"parameters": [
"Invalid attribute set entity type"
]
}
  • Privacy
  • Terms of Use
  • Do not sell or share my personal information
  • AdChoices
Copyright © 2025 Adobe. All rights reserved.