Data Reference

Errors

Error envelope shape, error codes, retry guidance, and rate-limit headers.

Most API errors use an error envelope with a machine code and a human message.

{
  "error": {
    "code": "NOT_FOUND",
    "message": "Vault not found"
  }
}

Error Codes

CodeHTTP statusMeaningRetry guidance
BAD_REQUEST400Invalid path, query, or body inputFix the request before retrying
UNAUTHORIZED401Authentication is missing or invalidAdd a valid bearer key or session
FORBIDDEN403The supplied key or session is not allowedDo not retry until access changes
NOT_FOUND404Resource not found or feature disabledCheck the identifier or feature availability
CONFLICT409Request conflicts with existing stateRefresh state before retrying
VERSION_RETIRED410Basket version was retiredFollow the successor URL
PAYLOAD_TOO_LARGE413Request body exceeds the API body limitSend a smaller body
RATE_LIMITED429Rate limit exceededRetry after the Retry-After value
SERVICE_UNAVAILABLE503Fail-safe, graph materialization, Redis, or upstream data is unavailableRetry after the Retry-After value when present
INTERNAL_ERROR500Unexpected server errorRetry with backoff and include request context if reporting

VERSION_RETIRED is emitted by immutable basket version routes. This retired-version response is a legacy exception that includes the field success set to false alongside the error object. Parse error.code and use the successor pointer plus the Link header with rel="successor-version".

{
  "success": false,
  "error": {
    "code": "VERSION_RETIRED",
    "message": "Basket version 42 for \"rwa-tbill-conservative\" was retired. Use the latest version at /v1/baskets/rwa-tbill-conservative.",
    "retired_at": "2026-07-01T00:00:00Z",
    "successor_url": "https://api.philidor.io/v1/baskets/rwa-tbill-conservative"
  }
}

Rate Limit Headers

Responses include rate-limit headers when rate limiting is applied.

HeaderMeaning
X-RateLimit-LimitRequests allowed in the active window
X-RateLimit-RemainingRequests remaining in the active window
X-RateLimit-ResetUnix timestamp for reset
X-RateLimit-WindowWindow length such as 60s
Retry-AfterSeconds to wait before retrying

Anonymous public reads use IP-based limits. API-key requests use the key's configured per-minute limit on public routes.

Retry Pattern

Handle 429 and 503 first. If Retry-After is present, wait that many seconds before retrying.

Use exponential backoff for 500 responses. Do not retry 400, 401, 403, or 404 without changing the request or credentials.

On this page

Raw