Anti-Fraud · Errors
Codes specific to Anti-Fraud Platform — see Errors (global) for the base list.
Evaluate
| HTTP | Error | Meaning |
|---|---|---|
| 400 | lane required (onboarding or transaction) | Most rules are lane-specific. |
| 400 | sessionToken expired or invalid | Token TTL is 30 min. SDK should re-collect. |
| 409 | idempotent replay: existing externalId | Same externalId within 24h. Returns original decision. |
| 422 | customer KYC tier insufficient for lane | Some orgs require minimum KYC tier (e.g. standard) for transaction-lane evaluate. |
| 429 | rate limit exceeded: evaluate | 100/min default. Higher tiers up to 20k/min. |
Device session
| HTTP | Error | Meaning |
|---|---|---|
| 400 | device.platform required | SDK didn't fill platform field — usually misconfigured. |
| 422 | attestation verdict: failed | AppAttest or Play Integrity rejected the token. Surfaced for rules. |
Rules
| HTTP | Error | Meaning |
|---|---|---|
| 409 | rule code conflict in org | Codes unique per active rule per org. |
| 409 | four-eyes violation: approver = drafter | block-action rules require approver != drafter. |
| 422 | rule has dependent live alerts; cannot retire | Resolve linked open alerts first. |
Lists
| HTTP | Error | Meaning |
|---|---|---|
| 400 | entries[]: max 1000 per request | Use bulk CSV import for larger batches. |
| 403 | list class read-only: connector-managed | List is fed from external DB; mutate via warehouse not API. |
Workflows (automations)
| HTTP | Error | Meaning |
|---|---|---|
| 422 | trigger not in lane | Workflow lane doesn't match the trigger event's lane. |
| 422 | workflow paused for org | Admin disabled this workflow. |
Customer rejection
| HTTP | Error | Meaning |
|---|---|---|
| 403 | reject-customer: requires fraud_ops role | Not all roles can issue this action. |
| 409 | customer already rejected | Calling twice is idempotent on outcome but errors on retry. |