API General Error Codes
These error codes are shared across the Fluz API. They cover authentication, phone and 2FA verification, passcodes, registration, and application access. Resource-specific failures have their own references — see Other error codes below.
How errors are returned
Most Fluz mutations return failures inside the response payload, not as top-level GraphQL errors. Each error carries a stable code and a human-readable message:
{
"data": {
"registerUser": {
"success": false,
"error": {
"code": "AUTH-0026",
"message": "The phone number you chose is already in use."
}
}
}
}
Branch oncode, notmessageAlways check the operation's
success(orstatus) field and read theerrorobject when it indicates failure. Treat thecodeas the stable identifier in your logic — themessageis user-facing copy and may change. The exact field names vary by operation, so check each endpoint's reference.
Authentication & login
| Error | Code | Message | How to resolve |
|---|---|---|---|
| INVALID_ACCOUNT | AUTH-0001 | Your account does not have the right permission to login to this portal. Please Apply for an Enterprise Account. | The account isn't permissioned for this portal. Request Enterprise / developer access from Fluz. |
| INVALID_CREDENTIALS | AUTH-0002 | Incorrect auth details. | Verify the credentials being submitted, then re-authenticate. |
| INVALID_USER_ACCESS | AUTH-0008 | Invalid user access. | The user access token is missing, invalid, or not permitted for this action. Regenerate the token and retry. |
| INVALID_PASSWORD | AUTH-0009 | The provided password is not valid. | Re-enter the password; confirm it meets requirements. |
| SOCIAL_UNABLE_TO_LOGIN | AUTH-0013 | Unable to login with your social account. Please verify your credentials and try again or contact customer support. | Re-attempt the social sign-in; if it persists, contact support. |
| TRADITIONAL_UNABLE_TO_LOGIN | AUTH-0018 | Unable to login with your account. Please verify your credentials and try again or contact customer support. | Verify credentials and retry; if it persists, contact support. |
| INVALID_JWT | AUTH-0019 | Invalid JWT Token! | The access token is expired or malformed. Refresh the token and retry. |
| UNABLE_TO_CHANGE_PASSWORD | AUTH-0023 | Unable to change password. Please try again or contact customer support. | Transient failure — retry; if it persists, contact support. |
| UNABLE_TO_RESET_PASSWORD | AUTH-0028 | Unable to reset password. | Retry the reset; if it persists, contact support. |
Phone & 2FA verification
| Error | Code | Message | How to resolve |
|---|---|---|---|
| PHONE_NUMBER_NOT_FOUND | AUTH-0003 | Unable to find provided phone number or phone number it is not verified. Please select different method or contact customer support. | Confirm the number is registered and verified, or use another method. |
| INVALID_PHONE_NUMBER | AUTH-0004 | Invalid phone number. | Check the number format and that regionCode matches it (e.g. US). See User Registration. |
| INVALID_2FA_TOKEN | AUTH-0005 | Access denied or expired. | The 2FA token is wrong or expired. Request a new code and retry. |
| INCORRECT_AUTH_CODE | AUTH-0006 | Auth code provided is incorrect, please check and re-enter received code and try again. | Re-enter the code from the SMS; resend if needed. |
| UNABLE_TO_SEND_AUTH_CODE | AUTH-0007 | Sorry, we were unable to send the auth code, please try again or contact customer support. | Transient send failure — retry; if it persists, contact support. |
| UNABLE_TO_RESEND_2FA | AUTH-0020 | Unable to re-send 2FA! | Wait briefly, then request the code again. |
| UNSUPPORTED_PHONE_NUMBER | AUTH-0021 | Provided number is not a valid mobile phone number! Please contact support for more details. | Use a valid mobile number (landline / VoIP numbers aren't supported). |
| UNVERIFIED_PHONE_NUMBER | AUTH-0024 | Your phone number requires verification. Please contact support. | The number must be verified before this action. Complete verification or contact support. |
| SECURITY_CODE_EXPIRED | AUTH-0029 | Your 6-digit security code has expired. Please resend a new code. | Request a fresh code and submit it before it expires. |
Passcode (PIN)
| Error | Code | Message | How to resolve |
|---|---|---|---|
| NO_PIN_EXISTS | AUTH-0010 | There is no passcode set on the user, please create one instead. | No passcode is set — call the create-passcode flow instead of update/check. |
| PIN_ALREADY_SET | AUTH-0011 | There is already a passcode set on the user, please reset instead. | A passcode already exists — reset it rather than creating a new one. |
| INVALID_PIN_CODE | AUTH-0012 | The provided passcode does not match our records, please try again or reset your passcode. | Re-enter the passcode; reset it if the user has forgotten it. |
| UNABLE_TO_CREATE_PIN | AUTH-0014 | Unable to create new pass-code, please try again or contact customer support. | Transient failure — retry; if it persists, contact support. |
| UNABLE_TO_CHECK_PIN | AUTH-0015 | Unable to check pass-code, please try again or contact customer support. | Transient failure — retry; if it persists, contact support. |
| UNABLE_TO_UPDATE_PIN | AUTH-0016 | Unable to update pass-code, please try again or contact customer support. | Transient failure — retry; if it persists, contact support. |
| UNABLE_TO_RESET_PIN | AUTH-0017 | Unable to reset pass-code, please try again or contact customer support. | Transient failure — retry; if it persists, contact support. |
Registration
| Error | Code | Message | How to resolve |
|---|---|---|---|
| REGISTRATION_NOT_ALLOWED | AUTH-0022 | Registration not allowed, please contact customer support! | Your application isn't permitted to register users. Contact Fluz to enable it — see User Registration. |
| UNSUCCESSFUL_REGISTRATION | AUTH-0025 | Please try again again or contact support. | General registration failure — retry; if it persists, contact support. |
| REGISTRATION_PHONE_TAKEN | AUTH-0026 | The phone number you chose is already in use. | The phone number is tied to an existing account. Use a different number. |
| REGISTRATION_EMAIL_TAKEN | AUTH-0027 | The email address you chose is already in use. | The email is tied to an existing account. Use a different email. |
Application & scopes
| Error | Code | Message | How to resolve |
|---|---|---|---|
| APPLICATION_INACTIVE | AUTH-0030 | Your application is not active. | The application is inactive. Check its status in the dashboard — see Managing Application. |
| INVALID_SCOPE | AUTH-0031 | The requested scopes must be granted by the user first. | The user hasn't granted the requested scope. Have them authorize it — see Application Scopes. |
Other error codes
These general codes don't cover resource-specific failures. For those, see:
- Gift Card Error Codes
- Virtual Card Error Codes
- Decline Codes — card transaction declines
Want to learn more? Contact us at [email protected]
Speak with our experts for more info or to request a demo.