Error Reference
Most Tropikal errors use a standard response shape with a short message. The table below explains what to check first.
HTTP status codes
| Code | Meaning | First check |
|---|---|---|
| 400 | Bad request | Required field missing, invalid JSON, or unsupported value. |
| 401 | Unauthorized | The session or API key is missing, expired, or invalid. |
| 403 | Forbidden | The account, plan, or website permission does not allow the action. |
| 404 | Not found | The resource does not exist or does not belong to the current account. |
| 409 | Conflict | A unique value already exists or the resource is in the wrong state for the requested action. |
| 422 | Validation failed | The submitted fields do not match the resource schema. |
| 429 | Rate limited | Too many requests or the account has reached a usage limit. |
| 500 | Server error | Retry later and include the request details when contacting support. |
Workflow errors
| Symptom | Check |
|---|---|
| Workflow not found | Confirm the workflow slug and that you are signed in to the owning account. |
| Chat rejected | Confirm the workflow is active and the request uses the expected auth method. |
| Capability call failed | Check the linked function, required fields, and capability-specific permission. |
| Knowledge answer missing | Confirm the knowledge source is processed and active for that workflow. |
Website connection errors
| Symptom | Check |
|---|---|
| Connection test failed | Confirm the site URL and current setup details. |
| Resource not exposed | Confirm the resource is approved for the site connection. |
| Action denied | Grant the specific action or use a lower-risk prompt. |
| Validation failed | Ask for the resource schema and send only fields allowed by that schema. |
| Delete refused | The connection requires explicit confirmation for destructive actions. |
What to include when reporting an issue
Include:
- Product area: Workflows, Websites, or API.
- The page or action you were using.
- The visible error message.
- The approximate time of the request.
- The workflow slug or website name, if relevant.
Do not include passwords, API keys, setup codes, browser cookies, or private credentials in support messages.