Errors
Direct Debit API Errors
The Direct Debit API uses conventional HTTP response codes to indicate the success or failure of an API request. In general:
- codes in the 2xx range indicate success
- codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, a header is missing, etc.)
- codes in the 5xx range indicate an error with Ayoconnect or the bank's system (these are rare but they happen).
As our API can raise errors for many reasons, such as a failed charge, invalid parameters, authentication errors.. we recommend writing code that gracefully handles all possible error codes.
All the errors include an error code and a short human-readable message that briefly explains the error reported (you can use it internally but don't share it with your clients/users).
Error responses
Error responses are a combination of the HTTP response code, the service code, and the case dode.
Error response = HTTP response code + service code + case code
Service Codes
Below is a list with all the service codes:
| Service code | Service |
|---|---|
| 00 | Callback API |
| 10 | Generate B2B Access Token API |
| 20 | Generate B2B2C Customer Authorization Token API |
| 30 | Get Oauth Code API |
| 31 | Account Binding API |
| 32 | Account Unbinding API |
| 33 | Direct Debit Payment API |
| 34 | Verify OTP API |
| 35 | Get a List of Cards Bound to a Customer API |
| 36 | Get the Status of a transaction API |
HTTP Response Codes
Below is a list of possible HTTP response codes, along with additional information about them:
| HTTP Response | Message | Description |
|---|---|---|
| 400 | Bad Request | The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
| 401 | Unauthorized | Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. |
| 403 | Forbidden | The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server. |
| 404 | Not Found | The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client. |
| 409 | Conflict | This response is sent when a request conflicts with the current state of the server. |
| 429 | Too Many Requests | The user has sent too many requests in a given amount of time. |
| 500 | Internal Server Error | The server has encountered a situation it does not know how to handle. |
| 504 | Gateway Timeout | This error response is given when the server is acting as a gateway and cannot get a response in time. |
Case Codes
Below is a list of all possible HTTP response codes and case codes, along with additional information about them:
| HTTP Code | Service Code | Case Code | Response Message | Response Description |
|---|---|---|---|---|
| 400 | XX | 00 | Bad Request | |
| 400 | XX | 01 | Invalid Field Format '{fieldName}' | '{fieldName}' is invalid |
| 400 | XX | 01 | Invalid Field Format otpAllowed | The 'otpAllowed' parameter should be either YES or NO |
| 400 | XX | 02 | Invalid Field X-Timestamp | Invalid mandatory header X-Timestamp |
| 400 | XX | 02 | Invalid Field Format Redirect Url | Invalid mandatory parameter redirect url |
| 400 | XX | 02 | Invalid Field Format State | Invalid mandatory parameter state |
| 400 | XX | 02 | Invalid Field Format Seamless Data | Invalid mandatory parameter seamless data |
| 400 | XX | 02 | Invalid Field X-CLIENT-KEY | Invalid mandatory header X-CLIENT-KEY |
| 400 | XX | 02 | Invalid Field Format | Invalid Format |
| 400 | XX | 02 | Invalid Field Format Content-Type | Invalid mandatory header Content-Type |
| 400 | XX | 02 | Invalid Mandatory Field | The mandatory field is invalid |
| 400 | XX | 02 | Invalid Field Scopes | Invalid field format Scopes |
| 400 | XX | 02 | Invalid Field Format Currency | Invalid mandatory parameter currency |
| 400 | XX | 02 | Invalid Field Format X-EXTERNAL-ID | Invalid mandatory header X-EXTERNAL-ID |
| 400 | XX | 02 | Invalid Field Format grant_type | Invalid mandatory parameter grant_type |
| 400 | XX | 02 | Invalid Field Format Seamless Data | Invalid mandatory parameter seamless data |
| 400 | XX | 02 | Invalid Field Format CHANNEL-ID | Invalid mandatory header CHANNEL-ID |
| 400 | XX | 02 | Invalid Field X-Timestamp | Invalid field format of X-Timestamp |
| 400 | XX | 02 | Invalid Field X-PARTNER-ID | Invalid field format of X-PARTNER-ID |
| 400 | XX | 02 | Invalid Field Format partnerReferenceNo | Invalid mandatory parameter partnerReferenceNo |
| 400 | XX | 02 | Invalid AuthCode | Invalid AuthCode |
| 400 | XX | 02 | Invalid Field Format Accept | Invalid mandatory header Accept |
| 401 | XX | 00 | Unauthorized | Invalid Authorization-Customer Header |
| 401 | XX | 00 | Unauthorized | Invalid mandatory header X-SIGNATURE |
| 401 | XX | 00 | Unauthorized | Invalid Authorization Header |
| 403 | XX | 00 | Session Expired | Session expired. Please try again |
| 403 | XX | 03 | Suspected Fraud Transaction | Suspected Fraud |
| 403 | XX | 04 | Activity Count Limit Exceeded | Retry count exhausted. Please try after some time |
| 403 | XX | 04 | Insufficient Fund | Account does not have sufficient balance |
| 403 | XX | 05 | Do Not Honor | The customer is blocked. Please reach out to Ayoconnect for resolution |
| 403 | XX | 05 | Do Not Honor | Card account has been frozen |
| 403 | XX | 05 | Do Not Honor | Maximum (OTP) passcode retries have been attempted. The customer is blocked |
| 403 | XX | 05 | Card Blocked | The Card is blocked. Please reach out to Ayoconnect for resolution |
| 403 | XX | 07 | Card Disabled | The Card is disabled |
| 403 | XX | 07 | Card Blocked | Card is blocked or temporarily disabled by the bank |
| 403 | XX | 07 | Card Blocked | The Card is blocked. Please reach out to Ayoconnect for resolution |
| 403 | XX | 08 | Card Expired | Card has expired |
| 403 | XX | 12 | OTP Lifetime Expired | The (OTP) passcode has expired |
| 403 | XX | 16 | Suspend Transactions | An error occurred while performing the transaction using the card |
| 403 | XX | 18 | Timeout from Bank | Server Timeout from Bank. Please try again in sometime. |
| 403 | XX | 18 | Inactive Card | Card is inactive |
| 403 | XX | 18 | Inactive Customer | The customer is inactive. Please reach out to Ayoconnect for resolution |
| 403 | XX | 20 | Transaction Limit Exceeded | Exceeds Transaction Amount Limit |
| 403 | XX | 20 | Transaction Failed | Payment without OTP is not allowed for this amount |
| 403 | XX | 20 | Transaction Failed | Amount is lesser than the merchant limit |
| 403 | XX | 20 | Transaction Failed | Payment with OTP requires minimum amount |
| 403 | XX | 20 | Transaction Failed | Payment without OTP is not allowed for this amount |
| 403 | XX | 20 | Dormant Account | The account is dormant |
| 404 | XX | 00 | Invalid Transaction Status | The transaction status is invalid |
| 404 | XX | 01 | Transaction Not Found | Transaction Not Found |
| 404 | XX | 02 | Invalid Token | The bank card token or account token is invalid/expired |
| 404 | XX | 02 | Invalid Action | Invalid mandatory parameter action |
| 404 | XX | 02 | Invalid XExternalId | Invalid mandatory parameter XExternalId |
| 404 | XX | 07 | Invalid PublicUserId | The publicUserId is invalid |
| 404 | XX | 08 | Inactive Merchant | Merchant is inactive |
| 404 | XX | 08 | Invalid Merchant | Merchant not found |
| 404 | XX | 08 | Invalid Merchant | The merchantId is invalid |
| 404 | XX | 11 | Invalid Card | Card number is invalid |
| 404 | XX | 11 | Invalid Card | Card was not found |
| 404 | XX | 11 | Invalid Customer | Customer not found |
| 404 | XX | 11 | Invalid Customer | Merchant and Customer details are mismatched |
| 404 | XX | 13 | Invalid Amount | The amount is invalid |
| 404 | XX | 13 | Invalid Field Format bankCode | Invalid mandatory parameter bankCode |
| 404 | XX | 15 | Invalid OTP | The (OTP) passcode is incorrect |
| 404 | XX | 15 | Invalid OTP | The otpToken is invalid |
| 404 | XX | 15 | Invalid OTP | The (OTP) passcode is invalid |
| 405 | XX | 00 | Requested Function Is Not Supported | Payment with OTP is not supported for this bank |
| 409 | XX | 00 | Conflict | Cannot use same 'X-EXTERNAL-ID' in different flow |
| 429 | XX | 00 | Too Many Requests | The OTP requests have reached the maximum |
| 500 | XX | 00 | General Error | OTP configuration not found for merchant |
| 500 | XX | 00 | General Error | Card deletion process has failed |
| 500 | XX | 02 | Internal Server Error | Internal Server Error |
| 500 | XX | 03 | Transaction Failed | A bank error occurred while performing this operation |
| 504 | XX | 00 | Timeout | Server Timeout |
| 504 | XX | 00 | Timeout | Bank gateway timeout |
Updated about 2 months ago