What do the various error messages mean in MetaDefender Core Rest API?
This article applies to all MetaDefender Core V4 and V5 releases deployed on Windows or Linux systems.
For users interacting with MetaDefender Core via REST API, it is essential that you familiarize yourself with the meaning of the various coded responses and error messages that the Core might return during the course of your system administration and daily file processing flow.
The tables below cover possible responses to all aspects of the REST interaction process, including:
- authorization
- analysis
- batch processing
- administration
- configuration
- YARA
- engines
- stats.
It is important to note that, while messages may often feature the same codes, their meanings are usually dependent on the nature of your API request, as illustrated in the following tables.
Auth
| API Request | API Response | Meaning |
|---|---|---|
| POST/login | π© 200 | OK |
| π₯ 404 | Invalid credentials | |
| π₯ 500 | Unexpected event on server | |
| POST/logout | π© 200 | OK |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information | |
| π₯ 500 | Unexpected event on server | |
| POST/user/changepassword | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server |
Analysis
| API Request | API Response | Meaning |
|---|---|---|
| POST/file | π© 200 | Successful file submission |
| π₯ 400 | Invalid callback URL and/or API key | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 411 | Content-length header is missing from the request | |
| π₯ 422 | Body input is empty | |
| π₯ 500 | Unexpected event on server | |
| π₯ 503 | Server is too busy, scan queue is full, try again later | |
| POST/file/sync | π© 200 | The scan is completed before connection timeout |
| π₯ 400 | Invalid API key | |
| π₯ 403 | Unsupported Callback URL | |
| π₯ 408 | Timed out response: scan is still in progress, but the connection is timed out | |
| π₯ 411 | Content-length header is missing from the request | |
| π₯ 422 | Body input is empty | |
| π₯ 500 | Internal server error | |
| π₯ 503 | Server is too busy, scan queue is full, try again later | |
| GET/file/{data_id} | π© 200 | Entire analysis report generated by MetaDefender Core |
| π₯ 500 | Unexpected event on server | |
| GET/file/{data_id}/blocked-leaves | π© 200 | Returns list of blocked leaf files |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/archive/{data_id} | π© 200 | Entire analysis report, containing all extracted files, generated by MetaDefender Core |
| π₯ 500 | Unexpected event on server | |
| GET/hash/{md5|sha1|sha256} | π© 200 | Get information or file |
| π₯ 404 | Invalid hash format | |
| GET/file/webhook/{data_id} | π© 200 | Webhooks status fetched successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/file/rules | π© 200 | Returns the list of available rules |
| π₯ 500 | Unexpected event on server | |
| GET/file/converted/{data_id} | π© 200 | Returns the sanitized content |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/file/download/{data_id} | π© 200 | Returns the sanitized or DLP processed content |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/quarantine/{sha256}/download | π© 200 | Returns the quarantined file |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| POST/file/{data_id}/cancel | π© 200 | Batch canceled or analysis successfully canceled |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Batch not found (invalid ID) or request resource not found | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server |
Batch
| API Request | API Response | Meaning |
|---|---|---|
| POST/file/batch | π© 200 | Batch created successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/file/batch/{batchId}/close | π© 200 | Batch request successfully closed |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/file/batch/{batchID} | π© 200 | Batch progress paginated report (50 entries/page) |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/file/batch/{batchId}/certificate | π© 200 | Signed batch result and certificate are sent back in response body (YAML format) |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| POST/file/batch/{batchId}/cancel | π© 200 | Batch canceled |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Batch not found (invalid ID) | |
| π₯ 500 | Unexpected event on server |
Admin
| API Request | API Response | Meaning |
|---|---|---|
| GET/admin/export | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/export/v2 | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/import | π© 200 | Request processed successfully |
| β¬ 304 | The configuration has not changed | |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/import/v2 | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/user | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Batch not found (invalid ID) | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/role | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/license/backup | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/license/backup | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/license/backup/nomination | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server |
License
| API Request | API Response | Meaning |
|---|---|---|
| POST/admin/license/activation | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/license | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/license | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server |
Config
| API Request | API Response | Meaning |
|---|---|---|
| PUT/admin/config/auditlog | π© 200 | Successful file submission |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/quarantine | π© 200 | The scan is completed before connection timeout |
| π₯ 403 | Unsupported Callback URL | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/sanitize | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/scanhistory | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/session | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/update | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/config/skip | π© 200 | A list of all skip/white/black listed hashes |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/skip | π© 200 | Put a list of all skip/white/black listed hashes to the server |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/config/skip | π© 200 | Add a list of all skip/white/black listed hashes to the server |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Batch not found (invalid ID) or request resource not found | |
| π₯ 500 | Unexpected event on server | |
| DELETE/admin/config/skip | π© 200 | Delete list of all skip/white/black listed hashes successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/config/webhook | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/webhook | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/config/proxy | π© 200 | A proxy list is returned |
| π₯ 403 | Invalid user information or not allowed | |
| PUT/admin/config/proxy | π© 200 | A proxy list is returned |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| POST/admin/config/proxy/testconnection | π© 200 | Request processed successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| GET/admin/config/file/sync | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Error while requesting information | |
| PUT/admin/config/file/sync | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Error while modifying configuration | |
| GET/admin/config/sessioncookie | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/sessioncookie | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 404 | Requestβs resource was not found | |
| π₯ 500 | Unexpected event on server | |
| GET/admin/config/healthcheck | π© 200 | Health check criterias to determine whether MetaDefender Core server status is healthy or not |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/config/healthcheck | π© 200 | Health check criterias to determine whether MetaDefender Core server status is healthy or not |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 500 | Error while modifying configuration |
YARA
| API Request | API Response | Meaning |
|---|---|---|
| GET/admin/config/yara/sources | π© 200 | Returns a list of YARA engine sources |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| PUT/admin/config/yara/sources | π© 200 | Returns a list of YARA engine sources |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| GET/yara/package | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server | |
| POST/yara/generate | π© 200 | Request processed successfully |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 500 | Unexpected event on server |
Engines
| API Request | API Response | Meaning |
|---|---|---|
| POST/admin/engine/{engineId}/pin | π© 200 | Pin engine successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/engine/{engineId}/unpin | π© 200 | Unpin engine successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/engine/{engineId}/enable | π© 200 | Enable engine successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| POST/admin/engine/{engineId}/disable | π© 200 | Disable engine successfully |
| π₯ 400 | Bad request (e.g. invalid header, API key missing or invalid) | |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server |
Statistics
| API Request | API Response | Meaning |
|---|---|---|
| GET/version | π© 200 | Provides product ID and version information |
| π₯ 500 | Unexpected event on server | |
| GET/stat/engines | π© 200 | Returns an array with all engines and their details |
| GET/stat/nodes | π© 200 | Returns an array with all engines and their details |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/stat/activeperformance | π© 200 | Returns an active performance report on Metadefender Core |
| π₯ 403 | Invalid user information or not allowed | |
| π₯ 405 | The user has no rights for this operation | |
| π₯ 500 | Unexpected event on server | |
| GET/readyz | π© 200 | The service is currently healthy |
| π₯ 500 | Unexpected event on server | |
| π₯ 503 | The service is currently unhealthy |
If you are Encountering Errors On MetaDefender Core and Are Unable To Find a Solution Within Our Documentation Or Knowledge Base, please follow these instructions on auto$, before creating a support case or chatting with our support engineer.
Was this page helpful?