Common API Errors

The Tenable Vulnerability Management API returns the following HTTP status codes corresponding to errors:

400Bad RequestReturned if the request fails because the request payload contains incomplete or invalid input.
401UnauthorizedReturned if Vulnerability Management cannot process the authentication request for any reason, for example, wrong permissions or an invalid API key.
403ForbiddenReturned if you do not have sufficient permissions to access a resource or complete a task.
404Not FoundReturned if the specified resource either does not exist or cannot be retrieved.
405Method Not AllowedReturned if the method used in the request is not supported for the specified endpoint.
406Not AcceptableReturned when the header of the request message contains an invalid accept field that is not supported by the endpoint, for example, the accept header field used with the GET /workbenches/export/{file_id}/download endpoint should be application/octet-stream and not application/json.
409ConflictReturned when Vulnerability Management encounters a stateful conflict, for example, when attempting to create a user with a username that already exists.
413Payload Too LargeReturned when the request payload content length is greater than the maximum allowed by the service.
415Unsupported Media TypeReturned when the header of the request message contains a Content-Type field that does not match a known resource.
429Rate Limit ExceededReturned if you attempt to send too many requests in a specific period of time. For more information, see Rate Limiting.
500Internal Server ErrorReturned if an internal server error occurs in Vulnerability Management.
501Not ImplementedReturned when Vulnerability Management does not support the functionality required to fulfill the request, for example, when it does not recognize the request method or does not support the method for a resource.
503Service UnavailableReturned when Vulnerability Management is not ready to handle the request. Wait a moment and retry your request.

You can find additional information about the errors by examining the detailed message in the response.