status field or the code string without parsing free-form error messages. This page covers every error your integration may encounter and how to resolve it.
Error Response Format
All error responses share the same JSON structure, regardless of the error type. Check thecode field for a machine-readable error identifier and message for a human-readable explanation.
| Field | Type | Description |
|---|---|---|
code | string | Machine-readable error identifier (e.g. UNAUTHORIZED, NOT_FOUND) |
message | string | Human-readable description of the error |
status | integer | HTTP status code, mirrored in the response status line |
HTTP Status Codes
The table below lists every status code the API returns, what it means, and the first action to take.| Status | Code String | Meaning | Action |
|---|---|---|---|
400 | BAD_REQUEST | The request contains invalid or missing parameters. | Check your query parameters against the endpoint reference. Look at the message field for which parameter is invalid. |
401 | UNAUTHORIZED | The X-RP-API-Key header is missing, malformed, or refers to a revoked key. | Verify the header is present and that your key starts with rp_app_. Regenerate at developers.rocketpunch.com if needed. |
403 | FORBIDDEN | Your API key is valid but does not have permission to access this resource. | Check that your app has the required scopes enabled. If using OAuth, ensure the user granted the scope your request requires. |
404 | NOT_FOUND | The requested resource does not exist. | Confirm the endpoint path and any resource identifiers in the URL. The resource may have been deleted or the ID may be incorrect. |
422 | UNPROCESSABLE_ENTITY | The request is well-formed but the values fail validation. | Read the message for field-level details, such as an out-of-range page value or an unsupported lang code. |
429 | RATE_LIMIT_EXCEEDED | Your app has exceeded its request quota for the current window. | Wait for the time indicated in the Retry-After header, then retry. See the Rate Limits page for retry strategies. |
500 | INTERNAL_SERVER_ERROR | An unexpected error occurred on Rocketpunch’s servers. | Retry the request after a short delay using exponential backoff. If the error persists, contact support@rocketpunch.com. |
503 | SERVICE_UNAVAILABLE | The API is temporarily unavailable, typically during maintenance. | Retry after a brief delay. Check the developer portal for any active incidents. |
Common Issues and Solutions
Invalid or missing API key (401)
The most common cause of401 errors is a missing or incorrectly formatted X-RP-API-Key header.
Check the header name. The header must be exactly X-RP-API-Key (case-insensitive in HTTP, but match it exactly to avoid bugs in some HTTP clients).
Check the key format. App Keys follow the format rp_app_xxxxxxxxxxxxxxxx. If your key doesn’t start with rp_app_, you may have copied the wrong value from the developer portal.
Regenerate a compromised key. If you suspect your key has been exposed, go to developers.rocketpunch.com, open your app settings, and rotate the key. Update your environment variables or secrets manager with the new value.
Unsupported language code (400 / 422)
Thelang parameter on endpoints like /api/v1/jobs and /api/v1/companies accepts specific locale codes. Passing an invalid value returns a 400 or 422 error.
The API supports 11 languages. Use the IETF language tag format:
| Language | lang value |
|---|---|
| Korean | ko |
| English | en |
| Japanese | ja |
| Chinese (Simplified) | zh-hans |
| Chinese (Traditional) | zh-hant |
| Spanish | es |
| French | fr |
| German | de |
| Portuguese | pt |
| Indonesian | id |
| Vietnamese | vi |
Pagination out of range (400 / 422)
If you request apage or per_page value outside the accepted range, the API returns an error. Keep per_page within the documented maximum for each endpoint (typically 100), and do not request a page number beyond the last page of results.
OAuth token errors (401 / 403)
If you receive a401 when using a Bearer token, the token may have expired. Use your refresh_token to obtain a new access token. See the Auth Flow guide for the refresh flow.
A 403 with a Bearer token usually means the token was issued without the scope required by the endpoint you’re calling. Redirect the user through the authorization flow again and request the missing scope.
Handling Errors in Code
Structure your error handling to read theerror.code field for programmatic branching and surface error.message to your logs or monitoring system.
Getting Help
If you encounter an error not covered here, or a500 that persists after retrying, reach out to the Rocketpunch developer support team.
- Email: support@rocketpunch.com
- Developer portal: developers.rocketpunch.com