Errors
Requests made to Facebook API can result in a number of different error responses, however there are only a handful of basic recovery tactics. The following topic describes the recovery tactics, and provides a list of error values with a map to the most common recovery tactic to use.
Error recovery tactics
Following are the common tactics for recovering from an error response when calling a Facebook API:
-
Retry the operation after waitingExample: code 17 implies too many user calls, and an application should pause and retry
-
Notify the user of an out-of-band action that is requiredExample: on iOS 6 a password change means that the user must update the password for the device in order to re-enable app tokens
-
Authorize/reauthorize the userExample: an expired token requires reauthorization of the application by the user
-
Request permissionsExample: the user may have removed a permission for an application after having previously granted it – so the app must re-request the permission
Other cases generally reflect a bug that will require a code change on the client to fix the bug. You may think of these cases as case B, where the user should be notified of the defect and directed to update the application if an update is available.
Error codes
The following represents a common json error response resulting from a failed API Facebook API call: { "error": { "message": "Message describing the error", "type": "OAuthException", "code": 190 , "error_subcode": 460 } }
The code and error_subcode are the most relevant information in the error payload for application error recovery. Following are code and subcodes, along with common recovery tactic used and notes.
codes
| Name | Code | Recovery Tactic | Note |
|---|---|---|---|
| OAuth | 190 | C unless a subcode is present | Most OAuth errors include a subcode. Use the subcode table to determine the correct recovery tactic. |
| API Session | 102 | C unless a subcode is present | Most OAuth errors include a subcode. Use the subcode table to determine the correct recovery tactic. |
| API Unknown | 1 | A | Server-side problem; app should retry after waiting, up to some app-defined threshold |
| API Service | 2 | A | Server-side problem; app should retry after waiting, up to some app-defined threshold |
| API Too Many Calls | 4 | A | Server-side throttling; app should retry after waiting |
| API User Too Many Calls | 17 | A | Server-side throttling; app should retry after waiting |
| API Permission Denied | 10 | D | User either has not granted a permission or removed a permission |
| API Permission (range) | 200-299 | D | User either has not granted a permission or removed a permission |
For authentication related errors, the following subcodes are useful in order to properly respond to, or tell users how best to respond to an error.
subcodes
| Name | Code | Recovery Tactic | Note |
|---|---|---|---|
| App Not Installed | 458 | C | User removed the app from user settings |
| User Checkpointed | 459 | B | User needs to log onto www.facebook.com, or m.facebook.com |
| Password Changed | 460 | B (iOS 6) or C | On iOS 6, if the user is authorized using integrated authentication, the user should be directed to Facebook settings on the device to set the new password; otherwise the user needs to reauthorize |
| Expired | 463 | C | Token has expired and a new one needs to be requested |
| Unconfirmed User | 464 | B | User needs to log onto www.facebook.com, or m.facebook.com |
| Invalid access token | 467 | C | Token is invalid and a new one needs to be requested |
Related topics
Updated about a month ago