Raise Exception

The Raise Exception button enables the API administrator to edit their response to the client in case of interceptor-related or internal errors.

If an error occurs, the object $call.flowError will be populated with the following attributes:

message: value which will be displayed in the response body;
httpErrorCode: error code that will be returned in the request;
position: position of the interceptor in which the error occurred;
interceptorType: type of interceptor that failed.

How to use it

The button is in the Flows sector, inside the area where the interceptors are displayed, between the figures reading Request To Backend and Response to Client.

Clicking the Raise Exception button will open the editor, as below:

In the editor, it’s possible to create scripts to be executed when there is an exception.

When the flow contains such a script, a different button will be displayed, meaning that the script can be edited:

To remove a Raise Exception script, simply click the red X next to the button.

Types of interceptors and error codes

Type	Message	Request Error	Response Error
AccessTokenValidation	This Access Token is expired	403	-
AccessTokenValidation	Access Token is in invalid state (PENDING, REVOKED, CANCELLED, REJECTED)	403	-
AccessTokenValidation	Could not find a required Access Token in the request, identified by (location) (name)	401	-
JsonThreatProtection	Json format invalid	400	500
JsonThreatProtection	Container depth limit exceeds the maximum allowed for this API (10)	400	500
JsonThreatProtection	Object entry count limit exceeds the maximum allowed for this API (10)	400	500
JsonThreatProtection	Object entry name length limit exceeds the maximum allowed for this API (10)	400	500
JsonThreatProtection	Array element count limit exceeds the maximum allowed for this API (30)	400	500
JsonThreatProtection	String value length limit exceeds the maximum allowed for this API (30)	400	500
JsonThreatProtection	JSON threat protection validation failed: Invalid Content-Type in Header → (Content type)	415	415
JsonThreatProtection	JSON threat protection validation failed: Content-Type not found in Header	415	415
XMLThreatProtection	XML format invalid	400	500
XMLThreatProtection	Name limits element exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Name limits attribute exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Name limits namespace prefix exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Name limits processing instruction target exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Structure limits node depth element exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Structure limits attribute count per element exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Structure limits namespace count per element exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Structure limits child count exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Value limits text exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Value limits attribute exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Value limits namespace URI exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Value limits comment exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	Value limits processing instruction data exceeds the maximum allowed for this API (n)	400	500
XMLThreatProtection	XML threat protection validation failed: Invalid Content-Type in Header → (Content type)	415	415
XMLThreatProtection	XML threat protection validation failed: Content-Type not found in Header	415	415
SqlThreatProtection	SQL Injection attack identified in this API Body	400	500
SqlThreatProtection	SQL Injection attack identified in this API Headers	400	500
SqlThreatProtection	SQL Injection attack identified in this API Query Params	400	500
TimeTokenValidation	Could not find a required Time token in the request, identified by (location) (nome)	403	-
TimeTokenValidation	Invalid time token in the request, identified by %s %s	403	-
TokenInterceptor	Error generating token	-	500
TimeAllowed	Time restriction for this API. Works only (hoursOfDay)	429	-
SpikeArrest	urrent Spike Arrest Rate exceeds the maximum Rate of %s call each %s %s for this API	429	-
RestrictAccess	Access denied for this environment.	403	-
RateLimit	Current rate (%s) exceeds the maximum rate (%s) for this API	429	-
PayloadSize	Request size (%s bytes) exceeds the maximum allowed size for this API (%s bytes)	413	-
JWT Validation	JWT %s has an invalid signature	403	-
JWT Validation	JWT is in invalid state %s, rejecting call	403	-
IP Filtering	IP List cannot be null	500	-
IP Filtering	Blocked access from your IP	403	-
Encrypt	An error occurred during the encryption mode	422	-
Encrypt	An error occurred during the encryption mode	422	-
DateTime	The request is out of the accepted date range between: %s and %s"	423	-
Custom Interceptor	Error during process custom interceptor '%s': %s	500	-
ClientID Validation	Could not find a required APP in the request, identified by %s %s	401	-
ClientID Validation	APP is in invalid state %s	403	-
CSRF Validation	Could not find a required CSRF Token in the request, identified by %s, %s	401	-
CSRF Validation	CSRFToken is expired	403	-
CSRF Validation	Requests with different origins	403	-

Example

Check Authorisation Error 401:

 var resp = {};
 if ($call.flowError.httpErrorCode == 401 && $call.flowError.position == 1) {
     resp.msg = "msg error";
 } else {
     resp.msg = "other msg";
 }
 $call.response.getBody().setString($json.stringify(resp), "utf-8");
 $call.response.setHeader("Content-Type", "application/json");

For information on writing a custom JavaScript, click here.

Thanks for your feedback!

EDIT

Share your suggestions with us!
Click here and then [+ Submit idea]