Skip to main content
Cartegraph Campus

Exception Handling for REST API

This feature may not be available in every package. Not sure if you have this feature or you want to learn more about it? Send us a message at

Cartegraph's API is a licensed product that requires a purchase and verified ownership before production use.

HTTP Status Codes Used by the API

  • 200 OK - The request has succeeded. The information returned with the response is dependent on the method used in the request.
  • 201 Created - The request has been fulfilled and resulted in a new resource being created.
  • 304 Not Modified - A request was sent, but no records were modified.
  • 400 Bad Request - The request could not be understood by the server due to malformed syntax. The client should not repeat the request without modifications.
  • 401 Unauthorized - User must authenticate
  • 403 Forbidden - User is trying to perform an operation they do not have permission to perform.
  • 404 Not Found - The URL is not recognized.
  • 500 Internal Server Error - The server could not process the request due to an internal error.
  • 503 Service Unavailable - The server could not process the request due to scheduled maintenance. (New for v18 - Fall 2018)

API Error Object

The response body of a request that fails on the server is almost always a JSON object that contains a Message property whose value is the error message.

Cross-Origin Resource Sharing (CORS) Security

For custom web applications that integrate with the Cartegraph REST API, the origin of where the web application is hosted will need to be added to the CORSWhitelist system setting in order for the integration to continue working once the EnhancedAPI Security system setting is set to true.

To learn more about the system setting, see Cross-Origin Resource Sharing System Settings.

Other Common Errors

"A potentially dangerous Request.Form value was detected."

This error occurs when attempting to send certain special characters to some REST API end points. This is due to a security mechanism designed to prevent potentially malicious code from being stored in the Cartegraph database.

To work around this issue, you will need to find and replace any of the following character sequences before sending them to the API.  

  • <(any a-z character)  
  • <!   
  • </ 
  • <? 
  • &#