Error Codes - Docs

MenuGaze API endpoints return standard HTTP status codes. Error responses include a JSON body with details about what went wrong.

Error Response Format

{
  "success": false,
  "error": "Human-readable error message"
}

Code	Meaning	Common Causes
`200`	OK	Request succeeded. Response body contains the requested data.
`201`	Created	Resource created successfully. Returned by POST endpoints on success.
`400`	Bad Request	Missing or invalid fields in the request body. Check that all required fields are present and correctly formatted.
`401`	Unauthorized	Missing or invalid authentication token. Ensure you include a valid Bearer token in the Authorization header. The token may have expired — log in again to get a fresh token.
`403`	Forbidden	You are authenticated but do not have permission to access this resource. This typically means you are trying to access or modify a resource belonging to another restaurant.
`404`	Not Found	The requested resource does not exist. Verify the ID in the URL path is correct.
`429`	Too Many Requests	Rate limit exceeded. Check the `Retry-After` header for the number of seconds to wait before retrying. Auth endpoints are limited to 10 requests per 15 minutes per IP. Order creation is limited to 5 requests per minute per IP.
`500`	Internal Server Error	An unexpected error occurred on the server. If this persists, contact support. These errors are logged automatically for investigation.
`503`	Service Unavailable	The service is temporarily unavailable. This can occur during maintenance or when a required external service (e.g., the worker secret) is not configured. Retry after a short delay.

Endpoints with rate limits return a 429 status when the limit is exceeded. The response includes:

Retry-After header — The number of seconds to wait before making another request.
An error message indicating the rate limit that was exceeded.

Rate limits are applied per IP address. Current limits: