Edit in GitHubLog an issue

GraphQL status codes and responses

Each GraphQL API call returns a HTTP status code and a response payload. When an error occurs, the response payload returns an error message.

HTTP status codes

Each GraphQL API call returns an HTTP status code that reflects the result of a request:

HTTP codeMeaningDescription
200
Success
The framework returns HTTP 200 to the caller upon success.
401
Unauthorized
The caller was not authorized to perform the request. For example, the request included an invalid token, or a user with customer permissions attempted to access an object that requires administrator permissions.
403
Forbidden
Access is not allowed for reasons that are not covered by error code 401.
500
System Errors
If service implementation throws any other exception, such as a network error or database communication failure, the framework returns HTTP 500.

Error format

When an error occurs, the response body contains an error message and data related to the executed query or mutation.

PartDescription
message
The message explaining the error.
locations
The starting position in the incoming query or mutation that caused the issue.
path
The query or mutation being executed.
extensions
Module that throws the error.

As an example, the application returns a code of 401 and the following payload when trying to get customer email without passing a valid token:

Request:

Copied to your clipboard
{
customer {
email
}
}

Response:

Copied to your clipboard
{
"errors": [
{
"message": "The current customer isn't authorized.",
"locations": [
{
"line": 2,
"column": 3
}
],
"path": [
"customer"
],
"extensions": {
"category": "graphql-authorization"
}
}
],
"data": {
"customer": null
}
}
  • Privacy
  • Terms of Use
  • Do not sell or share my personal information
  • AdChoices
Copyright © 2025 Adobe. All rights reserved.