Error responses

Sales Layer REST APIs use standard HTTP status codes to indicate failed operations.

The current OpenAPI specifications document these error status codes:

Use 400 errors to identify request issues such as invalid query syntax, invalid body fields, unsupported values, or missing required data.

Example validation shape:

{
  "validationFailures": {
    "field": [
      "Validation message"
    ]
  }
}

401 indicates an authentication problem.

Check that the X-API-KEY header is present and contains the correct value.

{
  "type": "https://api2.saleslayer.com/errors/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "A valid API key is required.",
  "instance": "/rest/Catalog/Products"
}

403 indicates that the API understood the request but the authenticated client is not allowed to perform it.

This status is defined in Catalog API operations only. DAM API endpoints do not return 403.

404 indicates that the requested resource could not be found.

This can happen when an identifier is wrong, the resource was deleted, or the resource is not available in the current account context.

409 indicates that the operation cannot be completed because of the current resource state.

This status is documented in DAM operations, for example when an image cannot be modified or deleted while it is being processed.

500 indicates an unexpected server-side error.

Clients should not retry indefinitely. Use bounded retries with backoff for temporary failures and surface persistent errors to the integration owner.

• Treat 400, 401, 403, and 404 as errors that usually require request or configuration changes.
• Treat 409 as a state conflict; retry only when the conflict is expected to be temporary.
• Treat 500 as potentially temporary, but use bounded retries.
• Log status code, endpoint, operation, and correlation identifiers when available.

• DAM error details
• Rate limiting
• Feedback and privacy
• API reference overview