API Error Code Definitions

What does each API error code mean?

Purpose: To help you understand each error code associated with the API.  This help guide will review a list of error codes and their meanings.

Table of Contents

HTTP status codes

Every request includes an HTTP status code with the result. The status code should be examined before the response.

Successful status codes (2xx)
  • 200: OK - The request is a success.
  • 201: Created - The resource is a successful creation. Confirms a success when creating a new employee, time off request, etc.
Client error status codes (4xx)
  • 400: Bad Request - The request is invalid, or the server could not understand it.  Resubmitting the request will likely result in the same error. We provide a header "X-BambooHR-Error-Messsage:" (the extra "s" in the message will be there) that usually gives additional information.
  • 401: Unauthorized - Your API key is missing.
  • 403: Forbidden - The application has attempted to perform an action it does not have privileges to access. Verify your key belongs to an enabled user with the required access.
  • 404: Not Found - The resource is unfound with the given identifier. The given URL is not a valid API, or the ID of the object specified in the request is invalid.  It can also be that the method (GET, POST, PUT, DELETE) is unavailable.
  • 406: Not Acceptable - The request contains references to nonexistent fields.
  • 409: Conflict - The request attempts to create a duplicate. For employees, duplicate emails are not allowed. For lists, duplicated values are not allowed.
  • 429: Limit Exceeded - The account has reached its employee limit and does not allow the addition of more employees.
Server error status codes (5xx)
  • 500: Internal Server Error - The server has encountered an error while processing your request and failed.
  • 502: Gateway Error - The load balances or web server has trouble connecting to the BambooHR app. Please try the request again.
  • 503: Service Unavailable - The service is temporarily unavailable.  Please try the request again.  We provide a header that states "Retry-After" to let you know how long you should wait before retrying.

You can future-proof your code by using the following ranges.

  • 200 - 299 as success codes
  • 400 - 499 as client request errors
  • 500 - 599 as server errors