Skip to content

Errors

HTTP APIs use a Google RPC Status-style JSON error body:

{
"code": 16,
"message": "Invalid username or password",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "UNAUTHENTICATED",
"domain": "synctv.api",
"metadata": {
"errorCode": "1002",
"errorKind": "unauthenticated",
"requestId": "01HX..."
}
},
{
"@type": "type.googleapis.com/google.rpc.RequestInfo",
"requestId": "01HX..."
}
]
}
FieldMeaning
codeNumeric gRPC status code. The HTTP status still comes from the HTTP status line.
messageUser-facing summary. 5xx details are sanitized.
details[]Structured error details, usually including google.rpc.ErrorInfo with reason, domain, and metadata.
details[].metadata.errorCodeApplication error code for programmatic handling.
details[].metadata.requestId / google.rpc.RequestInfo.requestIdRequest identifier for log correlation.

429 may include a Retry-After header.

StatusMeaningClient action
400Invalid request structure, field, or formatFix input; do not retry the same request
401Not logged in, token expired, ticket expired, Provider credential expiredRefresh token, sign in, or rebind Provider
403Authenticated but not allowed, email unverified, bannedShow permission reason
404Resource, room, media, or Provider instance missingRefresh local state
409Already exists, concurrent update, state conflictRead current state before retrying
408Backend timeoutRetry with backoff
429Rate limit or resource exhaustedRespect Retry-After
502Upstream Provider or proxy errorCheck Provider, upstream, and headers
503Dependency or service unavailableRetry later; operators check dependencies
504Upstream timeoutRetry with backoff and inspect upstream
RangeCodeMeaning
Common0Unspecified
Auth1000Unauthenticated
Auth1001Token expired
Auth1002Invalid credentials
Resource2000Not found
Resource2001Already exists
Resource2002Resource exhausted or rate limited
Resource2003Conflict
Validation3000Invalid argument
Validation3001Invalid format
Validation3002Value too short
Validation3003Value too long
Validation3004Required field missing
Permission4000Permission denied
Permission4001Forbidden
Permission4002Banned
Server9000Internal error
Server9001Database error
Server9002Service unavailable
Server9003Timeout

Clients should not parse the message text for stable branching.

gRPC errors use the standard status code, message, and embedded google.rpc.Status binary details. HTTP-style x-synctv-error-code metadata is not sent as a separate trailer; clients should read google.rpc.ErrorInfo.metadata.errorCode and RetryInfo.

gRPC codeHTTP equivalentMeaning
InvalidArgument400Invalid input
Unauthenticated401Missing or invalid auth
PermissionDenied403Authenticated but not allowed
NotFound404Resource missing
AlreadyExists409Resource already exists
ResourceExhausted429Rate limited or capacity exhausted
Unavailable503Service or dependency unavailable
DeadlineExceeded504Timeout
Internal500Internal server error

See gRPC Debugging.

WebSocket business errors use protobuf messages, not HTTP JSON:

MessageScenario
ServerMessage.errorGeneral business error, such as permission or invalid input
ServerMessage.resourceObserveErrorInvalid observe id, too many observations, or resource load failure
WebSocket closeAuth failure, expired ticket, protocol error, connection limit, shutdown

Resource observation errors do not necessarily close the connection.

SymptomTypical statusHandling
Provider credential expired401Re-login or rebind Provider
Upstream resource missing404Refresh list and remove stale media
Upstream rejected request400 or 502Check headers, URL, format
Upstream rate limited or 5xx502/503/504Back off and inspect upstream
Credential encryption missingSanitized 500Configure credential encryption key

Classify by status

Use HTTP or gRPC status for login, permission, retry, and refresh decisions.

Use codes

Read application codes from google.rpc.ErrorInfo.metadata.errorCode. Do not parse English text.

Keep request IDs

Collect requestId, time, path, and status for support.

Protect secrets

Never log tokens, cookies, OAuth2 codes, Provider credentials, or passwords.