On this page

Okta error codes and descriptions

This document contains a complete list of all errors that the Okta API returns.

All errors contain the follow fields:

Property Description
errorCode An Okta code for this type of error
errorSummary A short description of what caused this error. Sometimes this contains dynamically-generated information about your specific error.
errorLink An Okta code for this type of error
errorId A unique identifier for this error. This can be used by Okta Support to help with troubleshooting.
errorCauses (Optional) Further information about what caused this error
Found 231 matches

E0000001: API validation exception

HTTP Status: 400 Bad Request

API validation failed for the current request. This is a fairly general error that signifies that endpoint's precondition has been violated. Such preconditions are endpoint specific. Users are encouraged to navigate to the documentation for the endpoint and read through the "Response Parameter" section. For example, the documentation for "Suspend User" indicates that suspending a user who is not active will result in the `E0000001` error code.

Show Example Error Response

E0000002: Illegal API argument exception

HTTP Status: 400 Bad Request

The request was not valid: {0}

Show Example Error Response

E0000003: Reader exception

HTTP Status: 400 Bad Request

The request body was not well-formed.

Show Example Error Response

E0000004: Authentication exception

HTTP Status: 401 Unauthorized

Authentication failed

Show Example Error Response

E0000005: Invalid session exception

HTTP Status: 403 Forbidden

Invalid session

Show Example Error Response

E0000006: Access denied exception

HTTP Status: 403 Forbidden

You do not have permission to perform the requested action

Show Example Error Response

E0000007: Resource not found exception

HTTP Status: 404 Not Found

Not found: {0}

Show Example Error Response

E0000008: Not found exception

HTTP Status: 404 Not Found

The requested path was not found

Show Example Error Response

E0000009: Internal server error

HTTP Status: 500 Internal Server Error

Internal Server Error

Show Example Error Response

E0000010: Read only database exception

HTTP Status: 503 Service Unavailable

Service is in read only mode

Show Example Error Response

E0000011: Invalid token exception

HTTP Status: 401 Unauthorized

Invalid token provided

Show Example Error Response

E0000012: Unsupported media type

HTTP Status: 404 Not Found

Unsupported media type

Show Example Error Response

E0000013: Invalid client app exception

HTTP Status: 403 Forbidden

Invalid client app id

Show Example Error Response

E0000014: Update credentials failed exception

HTTP Status: 403 Forbidden

Update of credentials failed

Show Example Error Response

E0000015: Feature not enabled exception

HTTP Status: 401 Unauthorized

You do not have permission to access the feature you are requesting

Show Example Error Response

E0000016: Activate user failed exception

HTTP Status: 403 Forbidden

Activation failed because the user is already active

Show Example Error Response

E0000017: Reset password failed exception

HTTP Status: 403 Forbidden

Password reset failed

Show Example Error Response

E0000018: Servlet request binding exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers are likely not set.

Show Example Error Response

E0000019: HTTP media type not acceptable exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers likely do not match supported values.

Show Example Error Response

E0000020: Illegal argument exception

HTTP Status: 400 Bad Request

Bad request.

Show Example Error Response

E0000021: HTTP media type not supported exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers likely do not match supported values.

Show Example Error Response

E0000022: HTTP request method not supported exception

HTTP Status: 405 Method Not Allowed

The endpoint does not support the provided HTTP method. This is a general error that signifies the API call being made is not allowed based on either a lack of permissions for the sender or an invalid token being sent alongside the call. Check you're sending the correct HTTP Verb and authorization header with the request. Check that API access, user authorization and the feature you want to access have all been enabled for your org. Finally, check if OAuth provider will accept a token generated by Okta as some do not.

Show Example Error Response

E0000023: App user exception

HTTP Status: 403 Forbidden

Operation failed because user profile is mastered under another system

Show Example Error Response

E0000024: Unsupported app metadata operation exception

HTTP Status: 400 Bad Request

Bad request. This operation on app metadata is not yet supported.

Show Example Error Response

E0000025: Assign app version failed exception

HTTP Status: 400 Bad Request

App version assignment failed.

Show Example Error Response

E0000026: API endpoint deprecated exception

HTTP Status: 404 Not Found

This endpoint has been deprecated.

Show Example Error Response

E0000027: Group push exception

HTTP Status: 400 Bad Request

Group push bad request : {0}

Show Example Error Response

E0000028: Missing servlet request parameter exception

HTTP Status: 400 Bad Request

The request is missing a required parameter.

Show Example Error Response

E0000029: Invalid paging exception

HTTP Status: 400 Bad Request

Invalid paging request.

Show Example Error Response

E0000030: Invalid date exception

HTTP Status: 400 Bad Request

Bad request. Invalid date. Dates must be of the form yyyy-MM-dd'T'HH:mm:ss.SSSZZ, e.g. 2013-01-01T12:00:00.000-07:00.

Show Example Error Response

E0000031: Invalid search criteria exception

HTTP Status: 400 Bad Request

Invalid search criteria.

Show Example Error Response

E0000032: Unlock forbidden exception

HTTP Status: 403 Forbidden

Unlock is not allowed for this user.

Show Example Error Response

E0000033: Search request exception

HTTP Status: 400 Bad Request

Bad request. Can't specify a search query and filter in the same request.

Show Example Error Response

E0000034: Forgot password not allowed exception

HTTP Status: 403 Forbidden

Forgot password not allowed on specified user.

Show Example Error Response

E0000035: Change password not allowed exception

HTTP Status: 403 Forbidden

Change password not allowed on specified user.

Show Example Error Response

E0000036: Change recovery question not allowed exception

HTTP Status: 403 Forbidden

Change recovery question not allowed on specified user.

Show Example Error Response

E0000037: Type mismatch exception

HTTP Status: 400 Bad Request

Type mismatch exception. {0}

Show Example Error Response

E0000038: User operation forbidden exception

HTTP Status: 403 Forbidden

This operation is not allowed in the user's current status.

Show Example Error Response

E0000039: Change app instance failed exception

HTTP Status: 403 Forbidden

Operation on application settings failed.

Show Example Error Response

E0000040: Duplicate instance label exception

HTTP Status: 400 Bad Request

Application label must not be the same as an existing application label.

Show Example Error Response

E0000041: Password option argument exception

HTTP Status: 400 Bad Request

Credentials should not be set on this resource based on the scheme.

Show Example Error Response

E0000042: Set redirect url failed exception

HTTP Status: 403 Forbidden

Setting the error page redirect URL failed.

Show Example Error Response

E0000043: Self assign org apps not enabled exception

HTTP Status: 403 Forbidden

Self service application assignment is not enabled.

Show Example Error Response

E0000044: Self assign not supported exception

HTTP Status: 403 Forbidden

Self service application assignment is not supported.

Show Example Error Response

E0000045: Field mapping API exception

HTTP Status: 400 Bad Request

Field mapping bad request.

Show Example Error Response

E0000046: Deactivate app user forbidden exception

HTTP Status: 403 Forbidden

Deactivate application for user forbidden.

Show Example Error Response

E0000047: Too many requests exception

HTTP Status: 429 Too Many Requests

API call exceeded rate limit due to too many requests.

Show Example Error Response

E0000048: OPP entity not found exception

HTTP Status: 404 Not Found

Entity not found exception.

Show Example Error Response

E0000049: OPP invalid SCIM data from SCIM implementation exception

HTTP Status: 500 Internal Server Error

Invalid SCIM data from SCIM implementation.

Show Example Error Response

E0000050: OPP invalid SCIM data from client exception

HTTP Status: 400 Bad Request

Invalid SCIM data from client.

Show Example Error Response

E0000051: OPP no response from SCIM implementation exception

HTTP Status: 500 Internal Server Error

No response from SCIM implementation.

Show Example Error Response

E0000052: OPP endpoint not implemented exception

HTTP Status: 501 Not Implemented

Endpoint not implemented.

Show Example Error Response

E0000053: OPP invalid SCIM filter

HTTP Status: 400 Bad Request

Invalid SCIM filter.

Show Example Error Response

E0000054: OPP invalid pagination properties

HTTP Status: 400 Bad Request

Invalid pagination properties.

Show Example Error Response

E0000055: OPP duplicate group

HTTP Status: 409 Conflict

Duplicate group.

Show Example Error Response

E0000056: Delete app instance forbidden exception

HTTP Status: 403 Forbidden

Delete application forbidden.

Show Example Error Response

E0000057: Policy deny exception

HTTP Status: 403 Forbidden

Access to this application is denied due to a policy.

Show Example Error Response

E0000058: Policy factor required exception

HTTP Status: 403 Forbidden

Access to this application requires MFA: {0}

Show Example Error Response

E0000059: OPP connector settings test failure

HTTP Status: 400 Bad Request

The connector configuration could not be tested. Make sure that the URL, Authentication Parameters are correct and that there is an implementation available at the URL provided.

Show Example Error Response

E0000060: Unsupported operation

HTTP Status: 501 Not Implemented

Unsupported operation.

Show Example Error Response

E0000061: Tab exception

HTTP Status: 403 Forbidden

Tab error: {0}

Show Example Error Response

E0000062: Duplicate app assignment

HTTP Status: 409 Conflict

The specified user is already assigned to the application.

Show Example Error Response

E0000063: Invalid parameter combination exception

HTTP Status: 400 Bad Request

Invalid combination of parameters specified.

Show Example Error Response

E0000064: Password expired exception

HTTP Status: 401 Unauthorized

Password is expired and must be changed.

Show Example Error Response

E0000065: App metadata internal server exception

HTTP Status: 500 Internal Server Error

Internal error processing app metadata.

Show Example Error Response

E0000066: Mim apns not configured exception

HTTP Status: 400 Bad Request

APNS is not configured, contact your admin

Show Example Error Response

E0000067: Factor service timeout exception

HTTP Status: 504 Gateway Timeout

Factors Service Error.

Show Example Error Response

E0000068: Factor invalid code exception

HTTP Status: 403 Forbidden

Invalid Passcode/Answer

Show Example Error Response

E0000069: Factor user locked exception

HTTP Status: 403 Forbidden

User Locked

Show Example Error Response

E0000070: Factor waiting for ack exception

HTTP Status: 202 Accepted

Waiting for ACK

Show Example Error Response

E0000071: Mim unsupported version exception

HTTP Status: 400 Bad Request

Unsupported OS Version: {0}

Show Example Error Response

E0000072: Mim enrollment disallowed exception

HTTP Status: 403 Forbidden

MIM policy settings have disallowed enrollment for this user

Show Example Error Response

E0000073: Factor user rejected code exception

HTTP Status: 403 Forbidden

User rejected authentication

Show Example Error Response

E0000074: Factor service exception

HTTP Status: 400 Bad Request

Factor Service Error

Show Example Error Response

E0000075: App user profile push constraint exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it has a field mapping and profile push is enabled.

Show Example Error Response

E0000076: App user profile mastering constraint exception

HTTP Status: 405 Method Not Allowed

Cannot modify the app user because it is mastered by an external app.

Show Example Error Response

E0000077: Read only attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is read-only.

Show Example Error Response

E0000078: Immutable attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is immutable.

Show Example Error Response

E0000079: Illegal auth state exception

HTTP Status: 403 Forbidden

This operation is not allowed in the current authentication state.

Show Example Error Response

E0000080: Password policy violation exception

HTTP Status: 403 Forbidden

The password does not meet the complexity requirements of the current password policy.

Show Example Error Response

E0000081: System scope attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is a reserved attribute for this application.

Show Example Error Response

E0000082: Factor passcode replayed exception

HTTP Status: 403 Forbidden

Each code can only be used once. Please wait for a new code and try again.

Show Example Error Response

E0000083: Factor time window exceeded exception

HTTP Status: 403 Forbidden

PassCode is valid but exceeded time window.

Show Example Error Response

E0000084: App evaluation exception

HTTP Status: 403 Forbidden

App evaluation error.

Show Example Error Response

E0000085: Sign on denied exception

HTTP Status: 403 Forbidden

You do not have permission to access your account at this time.

Show Example Error Response

E0000086: Policy activation exception

HTTP Status: 403 Forbidden

This policy cannot be activated at this time.

Show Example Error Response

E0000087: Invalid recovery answer exception

HTTP Status: 403 Forbidden

The recovery question answer did not match our records.

Show Example Error Response

E0000088: Org Creator API subdomain already exists exception

HTTP Status: 400 Bad Request

Org Creator API subdomain validation exception: An object with this field already exists.

Show Example Error Response

E0000089: Org Creator API name validation exception

HTTP Status: 400 Bad Request

Org Creator API name validation exception.

Show Example Error Response

E0000090: Duplicate role assignment exception

HTTP Status: 409 Conflict

The role specified is already assigned to the user.

Show Example Error Response

E0000091: Illegal role assignment exception

HTTP Status: 400 Bad Request

The provided role type was not the same as required role type.

Show Example Error Response

E0000092: Policy allow with conditions exception

HTTP Status: 403 Forbidden

Access to this application requires re-authentication: {0}

Show Example Error Response

E0000093: Too many target records exception

HTTP Status: 400 Bad Request

Target count limit exceeded

Show Example Error Response

E0000094: Complex filter exception

HTTP Status: 400 Bad Request

The provided filter is unsupported.

Show Example Error Response

E0000095: Recovery forbidden for unknown user exception

HTTP Status: 403 Forbidden

Recovery not allowed for unknown user.

Show Example Error Response

E0000096: Idp certificate conflict exception

HTTP Status: 409 Conflict

This certificate has already been uploaded with kid={0}.

Show Example Error Response

E0000097: Mobile phone not verified exception

HTTP Status: 403 Forbidden

There is no verified phone number on file.

Show Example Error Response

E0000098: Phone number parse exception

HTTP Status: 400 Bad Request

This phone number is invalid.

Show Example Error Response

E0000099: International SMS call not enabled exception

HTTP Status: 403 Forbidden

Only numbers located in US and Canada are allowed. Contact your administrator if this is a problem.

Show Example Error Response

E0000100: Search not available exception

HTTP Status: 503 Service Unavailable

Unable to perform search query.

Show Example Error Response

E0000101: Invalid hosted mobile app

HTTP Status: 400 Bad Request

There was an issue with the app binary file you uploaded. {0}

Show Example Error Response

E0000102: Invalid yubikey state exception

HTTP Status: 403 Forbidden

YubiKey cannot be deleted while assigned to an user. Please deactivate YubiKey using reset MFA and try again

Show Example Error Response

E0000103: OEM command already queued

HTTP Status: 403 Forbidden

Action on device already in queue or in progress

Show Example Error Response

E0000104: OEM device already locked

HTTP Status: 403 Forbidden

Device is already locked and cannot be locked again

Show Example Error Response

E0000105: Invalid or expired recovery token

HTTP Status: 403 Forbidden

You have accessed an account recovery link that has expired or been previously used.

Show Example Error Response

E0000107: Transition state exception

HTTP Status: 403 Forbidden

The entity is not in the expected state for the requested transition.

Show Example Error Response

E0000108: OEM generic duplicate resource

HTTP Status: 409 Conflict

OEM generic duplicate resource.

Show Example Error Response

E0000109: SMS too many requests exception

HTTP Status: 429 Too Many Requests

An SMS message was recently sent. Please wait 30 seconds before trying again.

Show Example Error Response

E0000110: Invalid or expired transaction token

HTTP Status: 403 Forbidden

You have accessed a link that has expired or has been previously used.

Show Example Error Response

E0000111: Read only object exception

HTTP Status: 403 Forbidden

Cannot modify the {0} object because it is read-only.

Show Example Error Response

E0000112: Update activating user exception

HTTP Status: 409 Conflict

Cannot update this user because they are still being activated. Please try again in a few minutes.

Show Example Error Response

E0000113: Factor additional challenge exception

HTTP Status: 409 Conflict

{0}.

Show Example Error Response

E0000115: Hosted mobile app service exception

HTTP Status: 503 Service Unavailable

There was an issue while uploading the app binary file. {0}

Show Example Error Response

E0000116: Hosted mobile app upload exception

HTTP Status: 400 Bad Request

{0}

Show Example Error Response

E0000117: Inactive user forbidden exception

HTTP Status: 403 Forbidden

Cannot assign apps or update app profiles for an inactive user.

Show Example Error Response

E0000118: Email too many requests exception

HTTP Status: 429 Too Many Requests

An email was recently sent. Please wait 5 seconds before trying again.

Show Example Error Response

E0000119: User locked recovery exception

HTTP Status: 403 Forbidden

Your account is locked. Please contact your administrator.

Show Example Error Response

E0000120: Org Creator API custom domain validation exception

HTTP Status: 400 Bad Request

The custom domain requested is already in use by another organization.

Show Example Error Response

E0000121: Invalid phone extension

HTTP Status: 400 Bad Request

Invalid phone extension. Please enter a valid phone extension.

Show Example Error Response

E0000122: Media type not accepted exception

HTTP Status: 406 Not Acceptable

Accept Header did not contain supported media type 'application/json'

Show Example Error Response

E0000123: Enum mismatch exception

HTTP Status: 400 Bad Request

Array specified in enum field must match const values specified in oneOf field.

Show Example Error Response

E0000124: Expire on create requires password exception

HTTP Status: 400 Bad Request

Could not create user. To create a user and expire their password immediately, a password must be specified

Show Example Error Response

E0000125: Expire on create requires activation exception

HTTP Status: 400 Bad Request

Could not create user. To create a user and expire their password immediately, "activate" must be true

Show Example Error Response

E0000126: Self service not supported exception

HTTP Status: 400 Bad Request

Self service is not supported with the current settings.

Show Example Error Response

E0000127: Linked object definition exception

HTTP Status: 409 Conflict

Invalid linked objection definition. {0}

Show Example Error Response

E0000131: Feature validation exception

HTTP Status: 400 Bad Request

{0}

Show Example Error Response

E0000132: Client registration already active exception

HTTP Status: 400 Bad Request

The registration is already active for the given user, client and device combination

Show Example Error Response

E0000133: Phone call too many requests exception

HTTP Status: 429 Too Many Requests

A phone call was recently made. Please wait 30 seconds before trying again.

Show Example Error Response

E0000134: Callback execution exception

HTTP Status: 502 Bad Gateway

Okta could not communicate correctly with an inline hook.

Show Example Error Response

E0000135: Callback error

HTTP Status: 400 Bad Request

An inline hook responded with an error.

Show Example Error Response

E0000136: Mobile phone conflict exception

HTTP Status: 409 Conflict

Mobile phone conflict exception.

Show Example Error Response

E0000137: Callback timeout

HTTP Status: 504 Gateway Timeout

Okta did not receive a response from an inline hook.

Show Example Error Response

E0000138: Telephony internal error

HTTP Status: 500 Internal Server Error

There was an internal error with call provider(s).

Show Example Error Response

E0000139: Telephony provider error

HTTP Status: 503 Service Unavailable

Telephony provider error.

Show Example Error Response

E0000140: Telephony opt out error

HTTP Status: 400 Bad Request

Telephony opt out error.

Show Example Error Response

E0000141: Feature update error

HTTP Status: 400 Bad Request

Feature cannot be enabled or disabled due to dependencies/dependents conflicts.

Show Example Error Response

E0000142: Delete user type exception

HTTP Status: 403 Forbidden

This User Type cannot be deleted.

Show Example Error Response

E0000143: App instance operation not allowed exception

HTTP Status: 403 Forbidden

App instance operation not allowed.

Show Example Error Response

E0000145: User entity conversion type error

HTTP Status: 409 Conflict

Some users returned by the search cannot be parsed because the user schema has been changed to be inconsistent with their stale profile data.

Show Example Error Response

E0000146: SMS roadblock exception

HTTP Status: 429 Too Many Requests

Your organization has reached the limit of sms requests that can be sent within a 24 hour period.

Show Example Error Response

E0000147: Call roadblock exception

HTTP Status: 429 Too Many Requests

Your organization has reached the limit of call requests that can be sent within a 24 hour period.

Show Example Error Response

E0000148: Policy violation exception

HTTP Status: 403 Forbidden

Cannot modify/disable this authenticator because it is enabled in one or more policies. {0}

Show Example Error Response

E0000149: HTTP request not acceptable

HTTP Status: 406 Not Acceptable

The HTTP request is not acceptable.

Show Example Error Response

E0000150: SMS rate limit exception

HTTP Status: 403 Forbidden

You have reached the limit of sms requests, please try again later.

Show Example Error Response

E0000151: Call rate limit exception

HTTP Status: 403 Forbidden

You have reached the limit of call requests, please try again later.

Show Example Error Response

E0000152: Illegal device status exception

HTTP Status: 403 Forbidden

Illegal device status, cannot perform action.

Show Example Error Response

E0000153: Invalid device id exception

HTTP Status: 410 Gone

Invalid device id, it no longer exists.

Show Example Error Response

E0000154: Invalid factor id exception

HTTP Status: 410 Gone

Invalid factor id, it is not currently active.

Show Example Error Response

E0000155: User not active exception

HTTP Status: 423 Locked

User is not currently active.

Show Example Error Response

E0000156: Invalid user id exception

HTTP Status: 410 Gone

Invalid user id; the user either does not exist or has been deleted.

Show Example Error Response

E0000157: Authenticator already exists exception

HTTP Status: 409 Conflict

Another authenticator with key: {0} is already active.

Show Example Error Response

E0000158: Non user verification compliance enrollment exception

HTTP Status: 400 Bad Request

Invalid Enrollment. User verification required.

Show Example Error Response

E0000159: Non fips compliance okta verify enrollment exception

HTTP Status: 400 Bad Request

Invalid Enrollment. FIPS compliance required.

Show Example Error Response

E0000161: Domain already exists exception

HTTP Status: 403 Forbidden

Unique domain name required.

Show Example Error Response

E0000162: Domain limit exception

HTTP Status: 403 Forbidden

Domain count limit reached.

Show Example Error Response

E0000163: Domain not found exception

HTTP Status: 404 Not Found

Domain ID not found.

Show Example Error Response

E0000165: Domain not verified exception

HTTP Status: 403 Forbidden

Domain not verified.

Show Example Error Response

E0000166: Captcha limit exception

HTTP Status: 403 Forbidden

CAPTCHA count limit reached. At most one CAPTCHA instance is allowed per Org. Please remove existing CAPTCHA to create a new one.

Show Example Error Response

E0000167: Deactivate idp in use by authenticator exception

HTTP Status: 403 Forbidden

{0}

Show Example Error Response

E0000168: Captcha associated with org exception

HTTP Status: 403 Forbidden

CAPTCHA cannot be removed. This CAPTCHA is associated with org-wide CAPTCHA settings, please unassociate it before removing it.

Show Example Error Response

E0000170: Org Creator API subdomain reserved exception

HTTP Status: 400 Bad Request

Org Creator API subdomain validation exception: Using a reserved value. Try again with a different value.

Show Example Error Response

E0000171: Org Creator API subdomain locked exception

HTTP Status: 400 Bad Request

Org Creator API subdomain validation exception: The value is already in use by a different request.

Show Example Error Response

E0000172: Org Creator API subdomain name too long exception

HTTP Status: 400 Bad Request

Org Creator API subdomain validation exception: The value exceeds the max length.

Show Example Error Response

E0000174: Device condition dependency exception

HTTP Status: 403 Forbidden

You can’t disable Okta FastPass because it is being used by one or more application sign-on policies. First, go to each policy and remove any device conditions. Then, come back and try again.

Show Example Error Response

E0000176: Log streaming create failed

HTTP Status: 400 Bad Request

Failed to create LogStreaming event source. {0}

Show Example Error Response

E0000177: Log streaming delete failed

HTTP Status: 400 Bad Request

Failed to delete LogStreaming event source. {0}

Show Example Error Response

E0000178: Cannot delete realm exception

HTTP Status: 400 Bad Request

This realm cannot be deleted. {0}

Show Example Error Response

E0000179: Externally sourced attribute exception

HTTP Status: 400 Bad Request

There is a required attribute that is externally sourced.

Show Example Error Response

E0000180: Suspended factor exception

HTTP Status: 423 Locked

Factor id is currently not active.

Show Example Error Response

E0000181: Dns challenge not found exception

HTTP Status: 503 Service Unavailable

Service temporarily unavailable.

Show Example Error Response

E0000182: Email customization default already exists exception

HTTP Status: 409 Conflict

A default email template customization already exists.

Show Example Error Response

E0000183: Email customization language already exists exception

HTTP Status: 409 Conflict

An email template customization for that language already exists.

Show Example Error Response

E0000184: Email customization cannot delete default exception

HTTP Status: 409 Conflict

A default email template customization can't be deleted.

Show Example Error Response

E0000185: Email customization cannot clear default exception

HTTP Status: 409 Conflict

The isDefault parameter of the default email template customization can't be set to false.

Show Example Error Response

E0000186: SMS free org roadblock exception

HTTP Status: 429 Too Many Requests

Your free tier organization has reached the limit of sms requests that can be sent within a 30 day period.

Show Example Error Response

E0000187: Push provider dependency exception

HTTP Status: 409 Conflict

Cannot delete push provider because it is being used by a custom app authenticator.

Show Example Error Response

E0000188: Domain update conflict exception

HTTP Status: 409 Conflict

Domain update conflict exception.

Show Example Error Response

E0000189: Email template invalid recipients exception

HTTP Status: 422 Unprocessable Entity

This template does not support the recipients value.

Show Example Error Response

E0000190: Delete ldap interface forbidden exception

HTTP Status: 403 Forbidden

Delete LDAP interface instance forbidden.

Show Example Error Response

E0000191: Transaction not found exception

HTTP Status: 404 Not Found

Verification timed out. Please try again.

Show Example Error Response

E0000192: Assign admin privilege to group with rules exception

HTTP Status: 400 Bad Request

Roles cannot be granted to groups with group membership rules. {0}

Show Example Error Response

E0000193: Group member count exceeds limit exception

HTTP Status: 400 Bad Request

Roles can only be granted to groups with 5000 or less users. {0}

Show Example Error Response

E0000194: Non applicable group type exception

HTTP Status: 400 Bad Request

Roles can only be granted to Okta groups, AD groups and LDAP groups. {0}

Show Example Error Response

E0000195: API conflict exception

HTTP Status: 409 Conflict

Api validation failed due to conflict: {0}

Show Example Error Response

E0000197: Email domain already exists exception

HTTP Status: 409 Conflict

Unique email domain name required.

Show Example Error Response

E0000198: Email domain not found exception

HTTP Status: 404 Not Found

Email domain not found.

Show Example Error Response

E0000200: Brand cannot delete default exception

HTTP Status: 409 Conflict

A default brand cannot be deleted.

Show Example Error Response

E0000201: Brand cannot delete already assigned exception

HTTP Status: 409 Conflict

A brand associated with a custom domain or email doamin cannot be deleted.

Show Example Error Response

E0000202: Brand name already exist exception

HTTP Status: 409 Conflict

Brand name already exists.

Show Example Error Response

E0000203: Brand domain mapping failure exception

HTTP Status: 409 Conflict

Failed to associate this domain with the given brandId.

Show Example Error Response

E0000204: SMS rate limit exception 429

HTTP Status: 429 Too Many Requests

You have reached the limit of sms requests, please try again later.

Show Example Error Response

E0000205: Call rate limit exception 429

HTTP Status: 429 Too Many Requests

You have reached the limit of call requests, please try again later.

Show Example Error Response

E0000207: Incorrect username or password exception

HTTP Status: 401 Unauthorized

The username and/or the password you entered is incorrect. Please try again.

Show Example Error Response

E0000208: Access token bad request exception

HTTP Status: 400 Bad Request

Failed to get access token. The request was invalid, reason: {0}.

Show Example Error Response

E0000209: Aaguid group violation exception

HTTP Status: 400 Bad Request

{0} cannot be modified/deleted because it is currently being used in an Enroll Policy. Please make changes to the Enroll Policy before modifying/deleting the group.

Show Example Error Response

E0000211: Built in groups type exception

HTTP Status: 400 Bad Request

Roles cannot be granted to built-in groups: {0}

Show Example Error Response

E0000212: Invalid origin header exception

HTTP Status: 403 Forbidden

Origin validation failed.

Show Example Error Response

E0000213: Cannot update page content for default brand exception

HTTP Status: 403 Forbidden

Cannot update page content for the default brand.

Show Example Error Response

E0000214: User has no enrollments that are ciba enabled

HTTP Status: 400 Bad Request

User has no custom authenticator enrollments that have CIBA as a transactionType

Show Example Error Response

E0000215: API endpoint no longer available

HTTP Status: 410 Gone

This endpoint has been deprecated.

Show Example Error Response

E0000217: Email domain invalid status exception

HTTP Status: 400 Bad Request

Invalid status. Cannot validate email domain in current status.

Show Example Error Response

E0000218: Email domain validation exception

HTTP Status: 400 Bad Request

Email domain could not be verified by mail provider.

Show Example Error Response

E0000219: Phishing resistance policy error

HTTP Status: 403 Forbidden

This action can't be completed because it would result in 0 phishing resistant authenticators and your org has at least one authentication policy rule that requires phishing resistant authenticators. To continue, either enable FIDO 2 (WebAuthn) or remove the phishing resistance constraint from the affected policies. Policy rules: {0}

Show Example Error Response

E0000220: Brand limit exception

HTTP Status: 403 Forbidden

Brand count limit reached.

Show Example Error Response

E0000221: Realm limit exceeded exception

HTTP Status: 403 Forbidden

You have reached the maximum number of realms. An org cannot have more than {0} realms.

Show Example Error Response

E0000222: Email server already enabled exception

HTTP Status: 400 Bad Request

You can enable only one SMTP server at a time. Another SMTP server is already enabled.

Show Example Error Response

E0000223: Email server connection failed exception

HTTP Status: 400 Bad Request

Connection with the specified SMTP server failed.

Show Example Error Response

E0000224: Email server auth failed exception

HTTP Status: 400 Bad Request

Authentication with the specified SMTP server failed.

Show Example Error Response

E0000225: Email server max enrolled exception

HTTP Status: 400 Bad Request

You reached the maximum number of enrolled SMTP servers. An org can't have more than {0} enrolled servers.

Show Example Error Response

E0000226: Required telephony inline hook enabled for phone authenticator exception

HTTP Status: 400 Bad Request

You must have an active telephony inline hook to activate and use the Phone authenticator.

Show Example Error Response

E0000227: Non applicable app as principal type exception

HTTP Status: 400 Bad Request

Roles can only be granted to service application type

Show Example Error Response

E0000228: SMS template customization not allowed exception

HTTP Status: 403 Forbidden

SMS template customization isn't permitted.

Show Example Error Response

E0000229: Non bio or pin user verification compliance enrollment exception

HTTP Status: 400 Bad Request

Invalid Enrollment. Biometrics with Pin fallback required.

Show Example Error Response

E0000230: Idp for custom idp authenticator already in use exception

HTTP Status: 409 Conflict

Another authenticator is already associated with idpId: {0}.

Show Example Error Response

E0000231: Etag not matched exception

HTTP Status: 412 Precondition Failed

ETag value doesn't match.

Show Example Error Response

E0000232: Duplicate authenticator nickname exception

HTTP Status: 400 Bad Request

Another authenticator enrollment already exists with the same nickname.

Show Example Error Response

E0000233: SMS free org okta verify setup link bloc exception

HTTP Status: 403 Forbidden

Okta Verify SMS setup link is a feature only available on paid Okta accounts. To enable this feature please upgrade your free tier org.

Show Example Error Response

E0000235: Resource selectors exception

HTTP Status: 400 Bad Request

Resource Selector: {0}

Show Example Error Response

E0000236: Email customization invalid bcp47 locale format exception

HTTP Status: 400 Bad Request

The language doesn't conform to the BCP 47 standard for locales.

Show Example Error Response

E0000237: Email customization test locale not permitted exception

HTTP Status: 400 Bad Request

The language isn't permitted for email customization.

Show Example Error Response

E0000239: Policy lock exception

HTTP Status: 423 Locked

Policy priorities are being reconciled. Please try again later.

Show Example Error Response

E0000240: Agent time out

HTTP Status: 502 Bad Gateway

Request timed out waiting for agent.

Show Example Error Response

E0000241: No connected agents

HTTP Status: 504 Gateway Timeout

No connected agents.

Show Example Error Response

E0000242: Invalid etag exception

HTTP Status: 400 Bad Request

ETag syntax is invalid.

Show Example Error Response

E0000243: API validation exception with no message

HTTP Status: 400 Bad Request

Bad request.

Show Example Error Response

E0000244: Email customization multiple defaults exception

HTTP Status: 409 Conflict

There are conflicting default customizations for this template. To create or update email customizations, discard your changes and then reset your templates.

Show Example Error Response

E0000245: Knowledge second and access policy conflict exception

HTTP Status: 400 Bad Request

One or more authentication method chains include a knowledge method in the first step. Update these chains to require a possession factor in the first step: {0}

Show Example Error Response

E0000246: Deactivate authenticator method in use by authentication policy method chain exception

HTTP Status: 403 Forbidden

This action can't be completed because the authentication method is in use by one or more authentication policies: {0}

Show Example Error Response

E0000247: Okta telephony disabled exception

HTTP Status: 403 Forbidden

Your organization doesn't support SMS or Voice authentication at this time. Select another authentication method.

Show Example Error Response

E0000248: Deactivate idp in use by okta account management policy exception

HTTP Status: 403 Forbidden

The current Id Proofing Identity Provider is configured to be used in one or more Okta Account Management Policy rules. {0}

Show Example Error Response

E0000249: Missing group rule policy exception

HTTP Status: 409 Conflict

Group rules are still being set up. Please try again later.

Show Example Error Response

Example errors for OpenID Connect and Social Login

In situations where Okta needs to pass an error to a downstream application through a redirect_uri, the error code and description are encoded as the query parameters error and error_description.

For example, if the redirect_uri is https://example.com, then the ACCESS_DENIED error is passed as follows:

https://example.com?error=access_denied&error_description=The%20resource%20owner%20or%20authorization%20server%20denied%20the%20request
Property Description
unauthorized_client The client isn't authorized to request an authorization code using this method.
access_denied The resource owner or authorization server denied the request.
unsupported_response_type The authorization server doesn't support obtaining an authorization code using this method.
unsupported_response_mode The authorization server doesn't support the requested response mode.
invalid_scope The requested scope is invalid, unknown, or malformed.
server_error The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
temporarily_unavailable The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
invalid_client The specified client isn't valid.
login_required The client specified not to prompt, but the user isn't signed in.
invalid_request The request parameters aren't valid.
user_canceled_request User canceled the social sign-in request.