On This Page

Okta error codes and descriptions

This document contains a complete list of all errors that the Okta API returns.

All errors contain the follow fields:

Property Description
errorCode An Okta code for this type of error
errorSummary A short description of what caused this error. Sometimes this contains dynamically-generated information about your specific error.
errorLink An Okta code for this type of error
errorId A unique identifier for this error. This can be used by Okta Support to help with troubleshooting.
errorCauses (Optional) Further information about what caused this error

Found 143 matches

E0000001: API validation exception

HTTP Status: 400 Bad Request

API validation failed for the current request. This is a fairly general error that signifies that endpoint's precondition has been violated. Such preconditions are endpoint specific. Users are encouraged to navigate to the documentation for the endpoint and read through the "Response Parameter" section. For example, the documentation for "Suspend User" indicates that suspending a user who is not active will result in the `E0000001` error code.

Show Example Error Response

E0000002: Illegal API argument exception

HTTP Status: 400 Bad Request

The request was not valid: {0}

Show Example Error Response

E0000003: Reader exception

HTTP Status: 400 Bad Request

The request body was not well-formed.

Show Example Error Response

E0000004: Authentication exception

HTTP Status: 401 Unauthorized

Authentication failed

Show Example Error Response

E0000005: Invalid session exception

HTTP Status: 403 Forbidden

Invalid session

Show Example Error Response

E0000006: Access denied exception

HTTP Status: 403 Forbidden

You do not have permission to perform the requested action

Show Example Error Response

E0000007: Resource not found exception

HTTP Status: 404 Not Found

Not found: {0}

Show Example Error Response

E0000008: Not found exception

HTTP Status: 404 Not Found

The requested path was not found

Show Example Error Response

E0000009: Internal server error

HTTP Status: 500 Internal Server Error

Internal Server Error

Show Example Error Response

E0000010: Read only database exception

HTTP Status: 503 Service Unavailable

Service is in read only mode

Show Example Error Response

E0000011: Invalid token exception

HTTP Status: 401 Unauthorized

Invalid token provided

Show Example Error Response

E0000012: Unsupported media type

HTTP Status: 404 Not Found

Unsupported media type

Show Example Error Response

E0000013: Invalid client app exception

HTTP Status: 403 Forbidden

Invalid client app id

Show Example Error Response

E0000014: Update credentials failed exception

HTTP Status: 403 Forbidden

Update of credentials failed

Show Example Error Response

E0000015: Feature not enabled exception

HTTP Status: 401 Unauthorized

You do not have permission to access the feature you are requesting

Show Example Error Response

E0000016: Activate user failed exception

HTTP Status: 403 Forbidden

Activation failed because the user is already active

Show Example Error Response

E0000017: Reset password failed exception

HTTP Status: 403 Forbidden

Password reset failed

Show Example Error Response

E0000018: Servlet request binding exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers are likely not set.

Show Example Error Response

E0000019: HTTP media type not acceptable exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers likely do not match supported values.

Show Example Error Response

E0000020: Illegal argument exception

HTTP Status: 400 Bad Request

Bad request.

Show Example Error Response

E0000021: HTTP media type not supported exception

HTTP Status: 400 Bad Request

Bad request. Accept and/or Content-Type headers likely do not match supported values.

Show Example Error Response

E0000022: HTTP request method not supported exception

HTTP Status: 405 Method Not Allowed

The endpoint does not support the provided HTTP method

Show Example Error Response

E0000023: App user exception

HTTP Status: 403 Forbidden

Operation failed because user profile is mastered under another system

Show Example Error Response

E0000024: Unsupported app metadata operation exception

HTTP Status: 400 Bad Request

Bad request. This operation on app metadata is not yet supported.

Show Example Error Response

E0000025: Assign app version failed exception

HTTP Status: 400 Bad Request

App version assignment failed.

Show Example Error Response

E0000026: API endpoint deprecated exception

HTTP Status: 404 Not Found

This endpoint has been deprecated.

Show Example Error Response

E0000027: Group push exception

HTTP Status: 400 Bad Request

Group push bad request : {0}

Show Example Error Response

E0000028: Missing servlet request parameter exception

HTTP Status: 400 Bad Request

The request is missing a required parameter.

Show Example Error Response

E0000029: Invalid paging exception

HTTP Status: 400 Bad Request

Invalid paging request.

Show Example Error Response

E0000030: Invalid date exception

HTTP Status: 400 Bad Request

Bad request. Invalid date. Dates must be of the form yyyy-MM-dd'T'HH:mm:ss.SSSZZ, e.g. 2013-01-01T12:00:00.000-07:00.

Show Example Error Response

E0000031: Invalid search criteria exception

HTTP Status: 400 Bad Request

Invalid search criteria.

Show Example Error Response

E0000032: Unlock forbidden exception

HTTP Status: 403 Forbidden

Unlock is not allowed for this user.

Show Example Error Response

E0000033: Search request exception

HTTP Status: 400 Bad Request

Bad request. Can't specify a search query and filter in the same request.

Show Example Error Response

E0000034: Forgot password not allowed exception

HTTP Status: 403 Forbidden

Forgot password not allowed on specified user.

Show Example Error Response

E0000035: Change password not allowed exception

HTTP Status: 403 Forbidden

Change password not allowed on specified user.

Show Example Error Response

E0000036: Change recovery question not allowed exception

HTTP Status: 403 Forbidden

Change recovery question not allowed on specified user.

Show Example Error Response

E0000037: Type mismatch exception

HTTP Status: 400 Bad Request

Type mismatch exception. {0}

Show Example Error Response

E0000038: User operation forbidden exception

HTTP Status: 403 Forbidden

This operation is not allowed in the user's current status.

Show Example Error Response

E0000039: Change app instance failed exception

HTTP Status: 403 Forbidden

Operation on application settings failed.

Show Example Error Response

E0000040: Duplicate instance label exception

HTTP Status: 400 Bad Request

Application label must not be the same as an existing application label.

Show Example Error Response

E0000041: Password option argument exception

HTTP Status: 400 Bad Request

Credentials should not be set on this resource based on the scheme.

Show Example Error Response

E0000042: Set redirect url failed exception

HTTP Status: 403 Forbidden

Setting the error page redirect URL failed.

Show Example Error Response

E0000043: Self assign org apps not enabled exception

HTTP Status: 403 Forbidden

Self service application assignment is not enabled.

Show Example Error Response

E0000044: Self assign not supported exception

HTTP Status: 403 Forbidden

Self service application assignment is not supported.

Show Example Error Response

E0000045: Field mapping API exception

HTTP Status: 400 Bad Request

Field mapping bad request.

Show Example Error Response

E0000046: Deactivate app user forbidden exception

HTTP Status: 403 Forbidden

Deactivate application for user forbidden.

Show Example Error Response

E0000047: Too many requests exception

HTTP Status: 429 Too Many Requests

API call exceeded rate limit due to too many requests.

Show Example Error Response

E0000048: OPP entity not found exception

HTTP Status: 404 Not Found

Entity not found exception.

Show Example Error Response

E0000049: OPP invalid SCIM data from SCIM implementation exception

HTTP Status: 500 Internal Server Error

Invalid SCIM data from SCIM implementation.

Show Example Error Response

E0000050: OPP invalid SCIM data from client exception

HTTP Status: 400 Bad Request

Invalid SCIM data from client.

Show Example Error Response

E0000051: OPP no response from SCIM implementation exception

HTTP Status: 500 Internal Server Error

No response from SCIM implementation.

Show Example Error Response

E0000052: OPP endpoint not implemented exception

HTTP Status: 501 Not Implemented

Endpoint not implemented.

Show Example Error Response

E0000053: OPP invalid SCIM filter

HTTP Status: 400 Bad Request

Invalid SCIM filter.

Show Example Error Response

E0000054: OPP invalid pagination properties

HTTP Status: 400 Bad Request

Invalid pagination properties.

Show Example Error Response

E0000055: OPP duplicate group

HTTP Status: 409 Conflict

Duplicate group.

Show Example Error Response

E0000056: Delete app instance forbidden exception

HTTP Status: 403 Forbidden

Delete application forbidden.

Show Example Error Response

E0000057: Policy deny exception

HTTP Status: 403 Forbidden

Access to this application is denied due to a policy.

Show Example Error Response

E0000058: Policy factor required exception

HTTP Status: 403 Forbidden

Access to this application requires MFA: {0}

Show Example Error Response

E0000059: OPP connector settings test failure

HTTP Status: 400 Bad Request

The connector configuration could not be tested. Make sure that the URL, Authentication Parameters are correct and that there is an implementation available at the URL provided.

Show Example Error Response

E0000060: Unsupported operation

HTTP Status: 501 Not Implemented

Unsupported operation.

Show Example Error Response

E0000061: Tab exception

HTTP Status: 403 Forbidden

Tab error: {0}

Show Example Error Response

E0000062: Duplicate app assignment

HTTP Status: 409 Conflict

The specified user is already assigned to the application.

Show Example Error Response

E0000063: Invalid parameter combination exception

HTTP Status: 400 Bad Request

Invalid combination of parameters specified.

Show Example Error Response

E0000064: Password expired exception

HTTP Status: 401 Unauthorized

Password is expired and must be changed.

Show Example Error Response

E0000065: App metadata internal server exception

HTTP Status: 500 Internal Server Error

Internal error processing app metadata.

Show Example Error Response

E0000066: Mim apns not configured exception

HTTP Status: 400 Bad Request

APNS is not configured, contact your admin

Show Example Error Response

E0000067: Factor service timeout exception

HTTP Status: 504 Gateway Timeout

Factors Service Error.

Show Example Error Response

E0000068: Factor invalid code exception

HTTP Status: 403 Forbidden

Invalid Passcode/Answer

Show Example Error Response

E0000069: Factor user locked exception

HTTP Status: 403 Forbidden

User Locked

Show Example Error Response

E0000070: Factor waiting for ack exception

HTTP Status: 202 Accepted

Waiting for ACK

Show Example Error Response

E0000071: Mim unsupported version exception

HTTP Status: 400 Bad Request

Unsupported OS Version: {0}

Show Example Error Response

E0000072: Mim enrollment disallowed exception

HTTP Status: 403 Forbidden

MIM policy settings have disallowed enrollment for this user

Show Example Error Response

E0000073: Factor user rejected code exception

HTTP Status: 403 Forbidden

User rejected authentication

Show Example Error Response

E0000074: Factor service exception

HTTP Status: 400 Bad Request

Factor Service Error

Show Example Error Response

E0000075: App user profile push constraint exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it has a field mapping and profile push is enabled.

Show Example Error Response

E0000076: App user profile mastering constraint exception

HTTP Status: 405 Method Not Allowed

Cannot modify the app user because it is mastered by an external app.

Show Example Error Response

E0000077: Read only attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is read-only.

Show Example Error Response

E0000078: Immutable attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is immutable.

Show Example Error Response

E0000079: Illegal auth state exception

HTTP Status: 403 Forbidden

This operation is not allowed in the current authentication state.

Show Example Error Response

E0000080: Password policy violation exception

HTTP Status: 403 Forbidden

The password does not meet the complexity requirements of the current password policy.

Show Example Error Response

E0000081: System scope attribute exception

HTTP Status: 403 Forbidden

Cannot modify the {0} attribute because it is a reserved attribute for this application.

Show Example Error Response

E0000082: Factor passcode replayed exception

HTTP Status: 403 Forbidden

Each code can only be used once. Please wait for a new code and try again.

Show Example Error Response

E0000083: Factor time window exceeded exception

HTTP Status: 403 Forbidden

PassCode is valid but exceeded time window.

Show Example Error Response

E0000084: App evaluation exception

HTTP Status: 403 Forbidden

App evaluation error.

Show Example Error Response

E0000085: Sign on denied exception

HTTP Status: 403 Forbidden

You do not have permission to access your account at this time.

Show Example Error Response

E0000086: Policy activation exception

HTTP Status: 403 Forbidden

This policy cannot be activated at this time.

Show Example Error Response

E0000087: Invalid recovery answer exception

HTTP Status: 403 Forbidden

The recovery question answer did not match our records.

Show Example Error Response

E0000088: Org Creator API subdomain validation exception

HTTP Status: 400 Bad Request

Org Creator API subdomain validation exception.

Show Example Error Response

E0000089: Org Creator API name validation exception

HTTP Status: 400 Bad Request

Org Creator API name validation exception.

Show Example Error Response

E0000090: Duplicate role assignment exception

HTTP Status: 409 Conflict

The role specified is already assigned to the user.

Show Example Error Response

E0000091: Illegal role assignment exception

HTTP Status: 405 Method Not Allowed

The provided role type was not the same as required role type.

Show Example Error Response

E0000092: Policy allow with conditions exception

HTTP Status: 403 Forbidden

Access to this application requires re-authentication: {0}

Show Example Error Response

E0000093: Too many target records exception

HTTP Status: 400 Bad Request

Target count limit exceeded

Show Example Error Response

E0000094: Complex filter exception

HTTP Status: 400 Bad Request

The provided filter is unsupported.

Show Example Error Response

E0000095: Recovery forbidden for unknown user exception

HTTP Status: 403 Forbidden

Recovery not allowed for unknown user.

Show Example Error Response

E0000096: Idp certificate conflict exception

HTTP Status: 409 Conflict

This certificate has already been uploaded with kid={0}.

Show Example Error Response

E0000097: Mobile phone not verified exception

HTTP Status: 403 Forbidden

There is no verified phone number on file.

Show Example Error Response

E0000098: Phone number parse exception

HTTP Status: 400 Bad Request

This phone number is invalid.

Show Example Error Response

E0000099: International SMS call not enabled exception

HTTP Status: 403 Forbidden

Only numbers located in US and Canada are allowed. Contact your administrator if this is a problem.

Show Example Error Response

E0000100: Search not available exception

HTTP Status: 503 Service Unavailable

Unable to perform search query.

Show Example Error Response

E0000101: Invalid hosted mobile app

HTTP Status: 400 Bad Request

There was an issue with the app binary file you uploaded. {0}

Show Example Error Response

E0000102: Invalid yubikey state exception

HTTP Status: 403 Forbidden

YubiKey cannot be deleted while assigned to an user. Please deactivate YubiKey using reset MFA and try again

Show Example Error Response

E0000103: OEM command already queued

HTTP Status: 403 Forbidden

Action on device already in queue or in progress

Show Example Error Response

E0000104: OEM device already locked

HTTP Status: 403 Forbidden

Device is already locked and cannot be locked again

Show Example Error Response

E0000105: Invalid or expired recovery token

HTTP Status: 403 Forbidden

You have accessed an account recovery link that has expired or been previously used.

Show Example Error Response

E0000107: Transition state exception

HTTP Status: 403 Forbidden

The entity is not in the expected state for the requested transition.

Show Example Error Response

E0000108: OEM generic duplicate resource

HTTP Status: 409 Conflict

OEM generic duplicate resource.

Show Example Error Response

E0000109: SMS too many requests exception

HTTP Status: 429 Too Many Requests

An SMS message was recently sent. Please wait 30 seconds before trying again.

Show Example Error Response

E0000110: Invalid or expired transaction token

HTTP Status: 403 Forbidden

You have accessed a link that has expired or has been previously used.

Show Example Error Response

E0000111: Read only object exception

HTTP Status: 403 Forbidden

Cannot modify the {0} object because it is read-only.

Show Example Error Response

E0000112: Update activating user exception

HTTP Status: 409 Conflict

Cannot update this user because they are still being activated. Please try again in a few minutes.

Show Example Error Response

E0000113: Factor additional challenge exception

HTTP Status: 409 Conflict

{0}.

Show Example Error Response

E0000115: Hosted mobile app service exception

HTTP Status: 503 Service Unavailable

There was an issue while uploading the app binary file. {0}

Show Example Error Response

E0000116: Hosted mobile app upload exception

HTTP Status: 400 Bad Request

{0}

Show Example Error Response

E0000117: Inactive user forbidden exception

HTTP Status: 403 Forbidden

Cannot assign apps or update app profiles for an inactive user.

Show Example Error Response

E0000118: Email too many requests exception

HTTP Status: 429 Too Many Requests

An email was recently sent. Please wait 5 seconds before trying again.

Show Example Error Response

E0000119: User locked recovery answer exception

HTTP Status: 403 Forbidden

Your account is locked. Please contact your administrator.

Show Example Error Response

E0000120: Org Creator API custom domain validation exception

HTTP Status: 400 Bad Request

The custom domain requested is already in use by another organization.

Show Example Error Response

E0000121: Invalid phone extension

HTTP Status: 400 Bad Request

Invalid phone extension. Please enter a valid phone extension.

Show Example Error Response

E0000122: Media type not accepted exception

HTTP Status: 406 Not Acceptable

Accept Header did not contain supported media type 'application/json'

Show Example Error Response

E0000123: Enum mismatch exception

HTTP Status: 400 Bad Request

Array specified in enum field must match const values specified in oneOf field.

Show Example Error Response

E0000124: Expire on create requires password exception

HTTP Status: 400 Bad Request

Could not create user. To create a user and expire their password immediately, a password must be specified

Show Example Error Response

E0000125: Expire on create requires activation exception

HTTP Status: 400 Bad Request

Could not create user. To create a user and expire their password immediately, "activate" must be true

Show Example Error Response

E0000126: Self service not supported exception

HTTP Status: 400 Bad Request

Self service is not supported with the current settings.

Show Example Error Response

E0000127: Linked object definition exception

HTTP Status: 409 Conflict

Invalid linked objection definition. {0}

Show Example Error Response

E0000131: Feature validation exception

HTTP Status: 400 Bad Request

{0}

Show Example Error Response

E0000132: Client registration already active exception

HTTP Status: 400 Bad Request

The registration is already active for the given user, client and device combination

Show Example Error Response

E0000133: Phone call too many requests exception

HTTP Status: 429 Too Many Requests

A phone call was recently made. Please wait 30 seconds before trying again.

Show Example Error Response

E0000134: Callback execution exception

HTTP Status: 502 Bad Gateway

Okta could not communicate correctly with an inline hook.

Show Example Error Response

E0000135: Callback error

HTTP Status: 400 Bad Request

An inline hook responded with an error.

Show Example Error Response

E0000136: Mobile phone conflict exception

HTTP Status: 409 Conflict

Mobile phone conflict exception.

Show Example Error Response

E0000137: Callback timeout

HTTP Status: 504 Gateway Timeout

Okta did not receive a response from an inline hook.

Show Example Error Response

E0000138: Telephony internal error

HTTP Status: 500 Internal Server Error

There was an internal error with call provider(s).

Show Example Error Response

E0000139: Telephony provider error

HTTP Status: 503 Service Unavailable

Telephony provider error.

Show Example Error Response

E0000140: Telephony opt out error

HTTP Status: 400 Bad Request

Telephony opt out error.

Show Example Error Response

E0000141: Feature update error

HTTP Status: 400 Bad Request

Feature cannot be enabled or disabled due to dependencies/dependents conflicts.

Show Example Error Response

E0000142: Delete user type exception

HTTP Status: 403 Forbidden

This User Type cannot be deleted.

Show Example Error Response

E0000143: App instance operation not allowed exception

HTTP Status: 403 Forbidden

App instance operation not allowed.

Show Example Error Response

E0000145: User entity conversion type error

HTTP Status: 409 Conflict

Some users returned by the search cannot be parsed because the user schema has been changed to be inconsistent with their stale profile data.

Show Example Error Response

E0000146: SMS roadblock exception

HTTP Status: 429 Too Many Requests

Your organization has reached the limit of sms requests that can be sent within a 24 hour period.

Show Example Error Response

E0000147: Call roadblock exception

HTTP Status: 429 Too Many Requests

Your organization has reached the limit of call requests that can be sent within a 24 hour period.

Show Example Error Response

E0000148: Policy violation exception

HTTP Status: 403 Forbidden

The operation is not permitted by policy.

Show Example Error Response

E0000149: HTTP request not acceptable

HTTP Status: 406 Not Acceptable

The HTTP request is not acceptable.

Show Example Error Response

Example errors for OpenID Connect and Social Login

In situations where Okta needs to pass an error to a downstream application through a redirect_uri, the error code and description are encoded as the query parameters error and error_description.

For example, if the redirect_uri is https://example.com, then the ACCESS_DENIED error is passed as follows:

https://example.com?error=access_denied&error_description=The%20resource%20owner%20or%20authorization%20server%20denied%20the%20request
Property Description
unauthorized_client The client isn't authorized to request an authorization code using this method.
access_denied The resource owner or authorization server denied the request.
unsupported_response_type The authorization server doesn't support obtaining an authorization code using this method.
unsupported_response_mode The authorization server doesn't support the requested response mode.
invalid_scope The requested scope is invalid, unknown, or malformed.
server_error The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
temporarily_unavailable The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
invalid_client The specified client isn't valid.
login_required The client specified not to prompt, but the user isn't signed in.
invalid_request The request parameters aren't valid.
user_canceled_request User canceled the social sign-in request.