Policies
Rate limiting
The API is rate-limited (e.g. per client) to protect availability. If you exceed the limit, the server responds with 429 Too Many Requests. Back off and retry after the rate window resets.
Health checks
A health endpoint is available for uptime and readiness checks. Use it to verify that the API is running; implementation details are not documented here.
Error and status codes
| Code | Meaning |
|---|---|
| 400 | Bad request (e.g. invalid body or query). |
| 401 | Unauthorized — authentication required or token missing/invalid. |
| 403 | Forbidden — authenticated but not allowed (e.g. insufficient role). |
| 422 | Unprocessable entity — validation failed. |
| 429 | Too many requests — rate limit exceeded. |
| 500 | Server error. |
Avoid relying on response body content for error handling; use status codes as the primary signal.