Error codes

The following error codes can be returned with the associated HTTP status.

HTTP StatusDescriptionError CodeRetryHow to handle
200Success
400The supplied parameters are not valid.validation_errorYesThere's a problem with the request. Read the error message which explains what's wrong with the request specifically.
400Invalid date range provided.invalid_date_rangeNoChange the from and to parameters. Check here for bank-specific requirements: https://truelayer.zendesk.com/hc/en-us/articles/360003168153-How-far-back-can-I-pull-transactions-
400The provider has been deprecated.deprecated_providerNoThe provider has been deprecated. It is no longer supported.
401The credentials or token are no longer validunauthorizedNoRefresh your access token. The access token may be invalid or expired. You can check for more details in the error description.
401The token is no longer validinvalid_tokenNoRefresh your access token. The access token may be invalid or expired. You can check for more details in the error description.
403Access to a specific resource has been denied.access_deniedNoAsk the user to reconnect their account. This error is returned when the access to their account is no longer valid, either because it expired or because the user revoked it themselves.
403The provided credentials encryption key is invalid.invalid_credentials_key
403SCA exemption has expired. This resource is protected and should be accessed shortly after PSU Authentication. In order to access this resource, please have the PSU re-authenticate.sca_exceededNoThe access to that specific endpoint has expired. For example, for some European banks you may only access the /info endpoint, or transanctions older than 90 days, during the 5 minutes after the user first grants access. Access to other data (balances, recent transactions) should still be working.
404The requested account cannot be found.account_not_foundNoCheck the accountId parameter used within your request. Confirm this matches an accountId returned from /accounts endpoint.
429Provider rate limit exceeded.provider_too_many_requestsYesInclude the X-PSU-IP header or retry later. Requests exceed the bank's rate limit.
429Maximum number of requests per user allowed by provider exceeded.provider_request_limit_exceededYesInclude the X-PSU-IP header or retry later. The bank has a regulatory limit on how often the account can be accessed (for example, many European banks have a limit of 4 requests for a given user per endpoint per day, unless the user has initiated the request).
500Internal server error.internal_server_errorYesRetry later.
501Feature not supported by the provider.endpoint_not_supportedNoCheck supported endpoints for each provider via our Help Desk FAQ.
503The provider service is unavailable.provider_errorYesRetry later - the bank is currently undergoing maintenance.
503The connector service is currently overloaded.connector_overloadYesRetry later - TrueLayer is currently overloaded.
503The provider service is unavailable.temporarily_unavailableYesRetry later - the bank is experiencing unexpected downtime.
504The provider service timed out.provider_timeoutYesRetry later - the bank is experiencing issues.
504The connector service timed out.connector_timeoutYesRetry later - TrueLayer is experiencing a transient issue.

End-user IP Address

EU banks limit the number of requests that can be made to their API if the request is not initiated by the end-user. These are documented as 429 errors here. In order to avoid this rate limit, you can include the end-user's IP address in your requests to the Data API as follows.

FieldTypeDescription
X-PSU-IPstringThe PSU's IP address to be passed on to the bank in order to avoid rate limiting.

Did this page help you?