When an API request fails, HookBridge returns a structured error response. Understanding the format and common error codes helps you build robust integrations that handle failures gracefully.
All error responses follow the same structure:
"message" : " Human-readable description of the problem. " ,
"request_id" : " req_abc123 "
error.code — a machine-readable string you can match on.error.message — a human-readable explanation.error.details — optional object with additional context (varies by error).meta.request_id — unique identifier for the request, useful for support inquiries.
Status Meaning 400Bad request — invalid input, missing required fields, or validation failure. 401Unauthorized — missing, invalid, or inactive API key. 403Forbidden — access denied or plan restriction. 404Not found — the requested resource does not exist. 409Conflict — duplicate resource, idempotency mismatch, or state conflict. 410Gone — payload retention expired or export link expired. 429Too many requests — rate limit or usage quota exceeded. 500Internal server error — unexpected failure.
Code Status Description UNAUTHORIZED401 Missing or invalid API key, or expired session. RATE_LIMITED429 Too many failed authentication attempts. FORBIDDEN403 Access denied to the requested project.
Code Status Description INVALID_REQUEST400 Invalid JSON, missing required fields, or general validation error. INVALID_ENDPOINT400 Endpoint URL is invalid — not HTTPS, too short/long, or targets a blocked address. PAYLOAD_TOO_LARGE400 Payload exceeds the 1 MB size limit.
Code Status Description DUPLICATE_URL409 An endpoint with this URL already exists in the project. ENDPOINT_BLOCKED400 Endpoint URL targets a private or internal address. ENDPOINT_UNREACHABLE400 Endpoint domain could not be resolved.
Code Status Description IDEMPOTENCY_MISMATCH409 Same idempotency key sent with a different payload. IDEMPOTENCY_CONFLICT409 Duplicate idempotency key with conflicting request.
Code Status Description MAX_SIGNING_KEYS_REACHED409 Endpoint already has the maximum number of signing keys. CANNOT_DELETE_LAST_SIGNING_KEY409 Cannot delete the only remaining signing key.
Code Status Description RETENTION_EXPIRED410 Message payload retention period has expired and the payload is no longer available. PAYLOAD_UNAVAILABLE410 Message payload has been cleaned up and cannot be replayed.
Code Status Description BURST_LIMIT_EXCEEDED429 Project-level request rate exceeded. Includes retry_after_ms in details. USAGE_LIMIT_EXCEEDED429 Monthly message limit exceeded. Includes plan, usage, limit, and resets in details. ENDPOINT_LIMIT_REACHED429 Maximum endpoints for your plan reached. PROJECT_LIMIT_REACHED429 Maximum projects for your plan reached. KEY_LIMIT_EXCEEDED429 Maximum API keys per project reached. EXPORT_LIMIT_EXCEEDED429 Export rate limit or concurrency limit reached. REPLAY_LIMIT_EXCEEDED429 Replay batch size or frequency limit exceeded.
Code Status Description NO_SUBSCRIPTION404 No active subscription found. ALREADY_SUBSCRIBED409 Tenant already has an active paid subscription. SUBSCRIPTION_INACTIVE403 Subscription is past due, canceled, or unpaid. PLAN_REQUIRED403 Feature requires a higher-tier plan.
Code Status Description EXPORT_ACTIVE409 Cannot delete an export that is still in progress. EXPORT_NOT_READY400 Export is not yet ready for download. EXPORT_EXPIRED410 Export download link has expired.
Match on error.code for programmatic handling, not error.message (messages may change).
For 429 responses, check error.details.retry_after_ms and wait before retrying.
Include the meta.request_id when contacting support about a specific failure.
5xx errors are transient — retry with backoff.4xx errors require fixing the request before retrying (except 429, which is a temporary rate limit). 
