Errors
HTTP status codes and error responses.
Error format
{ "message": "Human-readable description" }Session minting
| Status | Meaning |
|---|---|
400 | Invalid request body |
401 | Invalid or missing API key (/v1/sessions) |
403 | Origin not allowed, experience not public, or missing Origin header |
404 | Experience not found |
429 | Rate limit or quota exceeded |
503 | Session minting failed (server error) |
Common 403 causes (public sessions)
Originheader missing — browser must send origin on cross-origin requests- Origin not on experience allowlist
- Experience is not marked public
Runtime (SDK internal)
| Status | Meaning |
|---|---|
401 | Invalid or expired session token |
Runtime routes (/player/*) are internal to the SDK — integrators typically see these as SDK errors, not raw HTTP.