Core
API v2.x
2

0x07: security #

Subdomain: 0x0701: token #

id / code class / status message description
security.token.invalid
0x07010001
UnauthorizedError
(401)
Invalid token. Invalid authentication token.
security.token.unknown_user
0x07010002
InternalError
(500)
Unknown User : cannot generate token Missing user or missing user identifier
security.token.unknown_connection
0x07010003
InternalError
(500)
Unknown connection : cannot generate token Missing connection identifier
security.token.ttl_exceeded
0x07010004
BadRequestError
(400)
expiresIn value exceeds maximum allowed value An authentication token was requested with a TTL larger than the configured maximum value
security.token.generation_failed
0x07010005
InternalError
(500)
Error while generating token: %s Unable to generate the requested authentication token
security.token.expired
0x07010006
UnauthorizedError
(401)
Token expired The provided authentication token has expired
security.token.verification_error
0x07010007
InternalError
(500)
Error verifying token: %s An unexpected error occured while verifying an authentication token
security.token.refresh_forbidden
0x07010008
UnauthorizedError
(401)
%s cannot be refreshed. The provided token cannot be refreshed
security.token.invalid_expiration
0x07010009
BadRequestError
(400)
Token can not be created with this expiration time: %s The specified expiration time is invalid

Subdomain: 0x0702: credentials #

id / code class / status message description
security.credentials.unknown_strategy
0x07020001
BadRequestError
(400)
Unknown authentication strategy "%s" Unknown authentication strategy
security.credentials.database_inconsistency
0x07020002
PluginImplementationError
(500)
Internal database inconsistency detected: existing credentials found on non-existing user %s. Inconsistency detected: credentials were found on a non-existing user
security.credentials.rejected
0x07020003
BadRequestError
(400)
Credentials rejected: %s User's credentials were rejected during

Subdomain: 0x0703: rights #

id / code class / status message description
security.rights.unauthorized
0x07030001
UnauthorizedError
(401)
Unauthorized: authentication required to execute the action "%s:%s". Authentication required to execute this action
security.rights.forbidden
0x07030002
ForbiddenError
(403)
Insufficient permissions to execute the action "%s:%s" (User "%s"). Insufficient permissions to execute this action
security.rights.failsafe_mode_admin_only
0x07030003
ForbiddenError
(403)
Only administrators ("admin" profile) can use the API in failsafe mode. Only administrators ("admin" profile) can use the API in failsafe mode. Authenticate as admin or reboot without failsafe mode ("config.plugins.common.failsafeMode") to access the API.

Subdomain: 0x0704: user #

id / code class / status message description
security.user.already_exists
0x07040001
PreconditionError
(412)
User %s already exists. Cannot create the user as it already exists
security.user.not_found
0x07040002
NotFoundError
(404)
User "%s" not found. Attempted to access to a non-existing user
security.user.anonymous_profile_required
0x07040003
BadRequestError
(400)
The anonymous user must be assigned to the anonymous profile The anonymous user must be assigned to the anonymous profile
security.user.cannot_hydrate
0x07040004
InternalError
(500)
Unable to hydrate the user "%s": missing profile(s) in the database Database inconsistency error: a user is referencing non-existing profiles
security.user.uninitialized
0x07040005
InternalError
(500)
Cannot get profiles for uninitialized user "%s" Attempted to access to an unitialized User object
security.user.prevent_overwrite
0x07040006
BadRequestError
(400)
Cannot overwrite existing users. Attempted to overwrite existing users. Change "onExistingUsers" params to modify this method behavior.
security.user.no_profile
0x07040007
InternalError
(500)
Cannot load user "%s": there is no security profiles associated to it Database inconsistency error: a user does not have profiles associated to it

Subdomain: 0x0705: role #

id / code class / status message description
security.role.not_found
0x07050001
NotFoundError
(404)
Role "%s" not found. Attempted to access to a non-existing role
security.role.login_required
0x07050002
BadRequestError
(400)
Cannot remove the "login" action from the anonymous role. Cannot remove the "login" action from the anonymous role
security.role.cannot_delete
0x07050003
BadRequestError
(400)
The following roles are protected and cannot be deleted: anonymous, default, admin Attempted to delete a base role (anonymous, default, admin)
security.role.in_use
0x07050004
PreconditionError
(412)
The role "%s" is still used and cannot be deleted. A role still assigned to profiles cannot be deleted
security.role.uninitialized
0x07050005
InternalError
(500)
Cannot check permissions on the uninitialized role "%s" Attempted to access to an unitialized Role object
security.role.invalid_rights
0x07050006
Deprecated since 2.2.0
BadRequestError
(400)
Invalid rights for role "%s" (path: "%s"): %s Invalid rights
security.role.closure_exec_failed
0x07050007
Deprecated since 2.2.0
BadRequestError
(400)
Invalid definition for [%s, %s]: %s Execution failed on the provided closure
security.role.closure_missing_test
0x07050008
Deprecated since 2.2.0
BadRequestError
(400)
Missing or malformed "test" attribute for role %s (%s) : %s Closures must specify a "test" attribute
security.role.unknown_controller
0x07050009
BadRequestError
(400)
Trying to set role %s with a non-existing controller '%s'. %s Trying to set a role with a non-existing controller
security.role.unknown_action
0x0705000a
BadRequestError
(400)
Trying to set role %s with a non-existing action '%s' in controller '%s'. %s Trying to set a role with a non-existing controller action

Subdomain: 0x0706: profile #

id / code class / status message description
security.profile.not_found
0x07060001
NotFoundError
(404)
Profile "%s" not found. Attempted to access to a non-existing profile
security.profile.cannot_delete
0x07060002
BadRequestError
(400)
The following profiles are protected and cannot be deleted: anonymous, default, admin Attempted to delete a base profile (anonymous, default, admin)
security.profile.in_use
0x07060003
PreconditionError
(412)
The profile "%s" is still used and cannot be deleted. A profile still assigned to users cannot be deleted
security.profile.cannot_hydrate
0x07060004
InternalError
(500)
Unable to hydrate the profile "%s": missing role(s) in the database Database inconsistency error: a profile is referencing non-existing roles
security.profile.missing_anonymous_role
0x07060005
BadRequestError
(400)
The anonymous profile must include the anonymous role The anonymous profile must include the anonymous role
security.profile.uninitialized
0x07060006
InternalError
(500)
Cannot get roles for uninitialized profile "%s" Attempted to access to an unitialized Profile object

id / code class / status message description
security.cookie.invalid
0x07070001
UnauthorizedError
(401)
Invalid cookie. Invalid authentication cookie.
security.cookie.unsupported
0x07070002
InternalError
(500)
Cookie authentication not supported. Cookie authentication not supported.