Error Codes
Cornerstone uses conventional HTTP response codes to indicate the success or failure of an API request. Typically, codes in the 2xx range indicate success. Codes in the 4xx range indicate an error based on the information you provided in the request. Codes in the 5xx range indicate an error on the Cornerstone end (these should be rare).
The table below lists the HTTP error codes returned by Cornerstone APIs. For a list of additional validation errors, please refer to the specific API documentation.
| Error Code | Description |
|---|---|
| 400 Bad Request. | Usually indicates that your request is malformed. Refer to the API specifications and ensure your request is formatted correctly. For POST, PUT, and PATCH operations, use the examples provided as a starting point to construct your request. |
| 401 Unauthorized. | Indicates that either your access token is invalid, has expired, or does not have the 'scope' to perform this operation. This error can also indicate that the user associated with your OAuth 2.0 application does not have the required permissions or constraints. Click here to get a list of permissions for each API. |
| 404 Not Found. | Indicates that the API endpoint or resource isn't correct. This can also occur when a request includes an excessive number of HTTP headers (more than 100), which prevents the gateway from reliably matching the request to a route. See Request Header Limits below. |
| 429 CSOD Too many requests. | Indicates that you have exceeded the throttling limits for the API. |
| 500, 503, 504 Internal Server Error, Service Unavailable, Gateway Timeout. | Errors in the 5xx range indicate that something went wrong on Cornerstone's end. These should be rare. We recommend that you add retry logic in your code to handle what likely is an ephemeral issue. If you see these frequently, please log a case with Global Product Support so that we can investigate. |
Request Header Limits
Cornerstone's API gateway only inspects the first 100 HTTP headers of a request when determining which route (API endpoint) to dispatch to. If your request sends more than 100 headers, route selection may be inaccurate and the request can fail with an unexpected 404 Not Found — even when the URL and resource are valid.
WARNING
Requests containing more than 100 headers are not supported and may be routed incorrectly. Review your HTTP client and any intermediate proxies, and remove duplicate or non-essential headers so that each request stays within the 100-header limit.