Errors.
Every error returns a typed error.code and a human-readable message in the same envelope as a success response. Switch on the code.
Error envelope
Errors use the same envelope as success responses, with an error object in place of data. Switch on the typed error.code rather than parsing the human-readable message. Every error keeps a meta.request_id for support.
Error · 401 Unauthorizedapplication/json
{
"error": {
"code": "UNAUTHORIZED",
"message": "Missing or invalid API key. Pass it as `Authorization: Bearer ax_live_…`."
},
"meta": { "request_id": "req_abc123" }
}Status codes
Axiora uses standard HTTP status codes alongside the typed code.
StatuscodeMeaning
401SIGNATURE_INVALIDA webhook signature didn't verify against your signing secret.
401UNAUTHORIZEDMissing or invalid API key. Pass it as `Authorization: Bearer ax_live_…`.
403FORBIDDENAuthenticated, but this key isn't allowed to use this endpoint.
403TIER_REQUIREDThis endpoint or dataset requires a higher plan tier than your key has.
404NOT_FOUNDThe requested company, filing, or resource isn't in coverage.
413BODY_TOO_LARGEThe request body exceeded the maximum allowed size.
422VALIDATION_ERRORThe request failed validation — a parameter is missing, malformed, or out of range. The `detail` array names each problem.
429RATE_LIMITEDYou exceeded your plan's rate limit. Retry after the window in `Retry-After`.
500INTERNAL_ERRORAn unexpected server error. Safe to retry; cached freeze tokens still resolve.
A 429 includes a Retry-After header, see Rate limits for back-off guidance.