Error codes

This article provides a reference for Sumsub error codes and universal error codes returned by the API. For each error, you can find the corresponding HTTP status code and a description of the issue.

⚠️

Important

HTTP status codes are available in both the response headers and the response body, while errorCode values are returned in the response body.

Mind that not all error responses include an errorCode. In many cases, the response contains only the universal errorCode and an error message describing the issue.

Sumsub errorCode

Error name

Universal errorCode

Description

Upload errors

Errors related to document and file uploads. For more information about document requirements, refer to this article.

1000

duplicate-document

409

Applicant uploaded the duplicate document (image, video).

1001

too-many-documents

400

Applicant exceeded the maximum allowed number of uploaded documents. Adding new is not allowed.

1002

file-too-big

400

Uploaded file size exceeds the allowed limit (more than 64MB).

1003

empty-file

400

Uploaded file is empty and cannot be processed (0 bytes).

1004

corrupted-file

400

Uploaded file is corrupted or cannot be read (for example, PDF file is uploaded as JPEG).

1005

unsupported-file-format

400

Uploaded file format is not supported (for example, a TIFF image).

1006

no-upload-verification-in-progress

409

Applicant is being checked. Adding new data is not allowed.

1007

incorrect-file-size

409

Uploaded file does not meet the required size requirements specified in the global settings.

1008

applicant-marked-as-deleted

409

Applicant has been marked as deleted/inactive. No action is allowed to change the status.

1009

applicant-with-final-reject

409

Applicant has received a FINAL rejection. Adding new data/files is not allowed.

1010

doc-type-not-in-req-docs

409

Applicant attempted to upload a document type outside the configured document set.

1011

encrypted-file

400

Uploaded file is encrypted and cannot be processed.

readOnly mode errors

Errors that occur when attempting to change settings in readOnly mode.

2010

webauthn-invalid-request

400

WebAuthn request is invalid.

2011

webauthn-register-error

400

Error occurred while registering a WebAuthn authenticator.

2012

webauthn-register-duplicate

400

WebAuthn authenticator has already been registered.

2013

webauthn-auth-error

400

WebAuthn authentication failed.

2014

pwned-password

400

Provided password has been identified as compromised and cannot be used.

2015

session-ip-changed

403

Session was invalidated because the IP address changed.

2017

forbidden-countries

403

Access is not allowed from the provided country.

2018

invalid-password

401

Provided password is incorrect.

2019

action-requires-2fa

403

Requested action requires two-factor authentication.

2020

session-invalidated

401

Session has been invalidated and is no longer valid.

2021

session-invalidated-inactivity

401

Session has been invalidated due to inactivity.

2022

session-invalidated-max-duration

401

Session has expired because the maximum session duration was reached.

2023

session-invalidated-mismatch

401

Session has been invalidated because a security mismatch was detected.

2024

session-invalidated-other-login

401

Session has been invalidated because the user logged in from another session.

Flow errors

Errors related to applicant status transitions and flow rules. For example, attempting to perform an action that is not valid for the applicant's current state.

3000

applicant-is-already-in-the-state

409

Attempt to change the applicant's status against the logic — the applicant is already in the required state.

3001

applicant-is-already-in-the-state

409

Attempt to change the applicant's status against the logic — the applicant is already in a final state.

3002

applicant-is-not-in-requires-action-state

409

Attempt to change the applicant's status against the logic — the applicant is not in the Requires action state.

API authentication errors

Errors related to API access and security validation.

4000

app-token-invalid-format

401

Invalid format of the X-App-Token value.

4001

app-token-not-found

401

App token does not exist (for example, test env. token used on production).

4002

app-token-private-part-mismatch

401

Private part of the token (after dot) does not match public part.

4003

app-token-signature-mismatch

401

Signature encoded value does not match the request content.

4004

app-token-request-expired

401

X-App-Access-Ts does not match the number of seconds since Unix Epoch in UTC.

4005

app-token-invalid-value

401

Invalid authentication header values were provided.

4006

app-token-not-all-auth-params-provided

401

Not all required authorization headers were provided.

4007

app-token-invalid-params

401

Invalid authentication parameters were provided.

4008

captcha-verification-failed

400

Applicant failed CAPTCHA verification.

API usage errors

Errors caused by incorrect API usage on the client side.

5000

applicant-already-blacklisted

409

Attempt to blacklist the applicant that is already blocked in your Client lists.

5001

applicant-already-whitelisted

409

Attempt to whitelist the applicant that is already whitelisted.

Rate limits errors

Errors caused by exceeding request, usage, or verification limits.

6000

sms-attempts-exhausted

429

Maximum number of SMS verification attempts has been reached.

6001

sms-attempts-too-fast

429

SMS verification attempts are being made too frequently.

6002

sms-to-region-disabled

409

SMS delivery is not available for the specified region.

6003

sms-to-number-not-valid

400

Provided phone number is invalid.

6004

sms-to-unsubscribed-recipient

409

SMS cannot be sent because the recipient has unsubscribed from receiving messages.

6005

too-many-sms-in-sandbox

429

Maximum number of SMS messages allowed in the Sandbox environment has been reached.

6006

too-many-otp-requests

429

Maximum number of OTP requests has been reached.

6007

email-address-is-not-valid

400

Provided email address is invalid.

6008

too-many-applicants-in-sandbox

429

Maximum number of applicants allowed in the Sandbox environment has been reached.

6009

too-many-video-ident-calls-per-day-in-sandbox

429

Daily limit for Video Ident calls in the Sandbox environment has been reached.

6010

too-many-video-ident-calls-per-month-in-sandbox

429

Monthly limit for Video identification calls in the Sandbox environment has been reached.

6011

too-many-applicant-actions-pending-requests

429

Too many applicant action requests are currently pending.

Sign up errors

Errors that may occur during account registration.

7000

subject-already-exists

409

Account with the provided details already exists.

7001

email-not-allowed

409

Registration with the provided email address is not allowed.

7002

company-name-not-allowed

409

Registration with the provided company name is not allowed.

7003

promo-code-not-valid

409

Provided promo code is invalid.

7004

client-already-exists

409

Client with the provided details already exists.

7005

email-domain-not-allowed

409

Registration with the provided email domain is not allowed.

License key validation errors

Errors related to license key validation and limitations.

7500

invalid-vat-number

400

Provided VAT number is invalid.

7501

vat-validation-failed

400

Provided VAT number could not be verified as valid.

8000

license-key-exhausted

402

License key usage limit has been reached.

8001

license-key-login-restricted

401

Login is not allowed for this license key.

8002

license-key-checks-not-allowed

402

Requested checks are not allowed for this license key.

Document errors

Errors related to document requirements.

9000

document-not-masked

409

Required document masking has not been applied.

Processing data errors

Errors related to processing and validating submitted data.

9001

uncertain-gps-location

409

Provided GPS location could not be verified.

e-KYC errors

Errors that may occur during the Non-Doc Verification (e-KYC) process.

9100

invalid-data-provided

409

Provided data is invalid for the e-KYC verification.

9101

channel-usage-forbidden

409

Usage of the selected e-KYC channel is not allowed.

9102

channel-returned-unexpected-error

409

Selected e-KYC channel returned an unexpected error.

9103

channel-experiencing-difficulties

409

Selected e-KYC channel is currently experiencing technical difficulties.

9104

channel-cannot-find-data

409

Selected e-KYC channel could not find matching data.

9105

max-attempts-exceeded

409

Maximum number of e-KYC verification attempts has been exceeded.

9106

payment-unsuccessful

409

Payment for the e-KYC verification could not be completed.

9107

violations-found

409

Violations were found during the e-KYC verification.

e-SIGN errors

Errors that may occur during the QES Verification (e-SIGN) process.

9400

no-documents-to-sign-provided

409

No documents were provided for e-SIGN verification.

9401

no-input-to-sign-provided

409

No input data was provided for e-SIGN verification.

9402

pass-kyc-first

409

Applicant must pass KYC verification before using e-SIGN.

9403

channel-experiencing-difficulties

409

Selected e-SIGN channel is currently experiencing technical difficulties.

KYB errors

Errors that may occur during Business Verification (KYB) process.

9501

no-check-source-enabled

409

No KYB data source is enabled for the requested verification.

9502

invalid-data-provided

400

Provided data is invalid for the KYB verification.

9504

registry-experiencing-difficulties

409

Selected registry is currently experiencing technical difficulties.

9505

too-many-beneficiaries

400

Number of beneficiaries exceeds the allowed limit.

9506

too-many-results

400

Number of matching results exceeds the allowed limit.

Wallet verification errors

Errors related to wallet ownership verification.

9600

wallet-signature-failed

400

Wallet signature verification failed.

Common WebSDK errors

Common errors returned by the WebSDK.

9700

invalid-contact-data-provided

400

Provided contact data is invalid.

100XX - reserved for common errors

104XX - reserved for Sumsub Id errors

Reusable KYC errors

Errors related to Reusable KYC eligibility, partner configuration, and data sharing.

10501

not-in-partners-list

400

Applicant is not eligible for reusable KYC with the selected partner.

10502

invalid-partner-id

400

Provided partner ID is invalid.

10503

invalid-share-token

400

Provided share token is invalid.

10504

non-suitable-share-token

400

Provided share token cannot be used for reusable KYC.

10505

reusable-kyc-disabled

400

Reusable KYC is disabled.

10506

reusable-kyc-not-reusable

400

Applicant is not eligible for reusable KYC reuse.

10507

reusable-kyc-not-approved-applicant

400

Applicant has not passed verification for further reuse.

10508

reusable-kyc-not-active-applicant

400

Applicant is not active for further reuse.

10509

reusable-kyc-not-kyc-moderation-type

400

Applicant verification type is not supported for reusable KYC.

10510

reusable-kyc-not-selfie-or-identity-doc

400

Applicant does not have a required identity document or selfie.

10511

reusable-kyc-not-selfie-liveness

400

Applicant does not have a required Liveness check.

10512

reusable-kyc-not-req-doc-overlap

400

Required documents do not match reusable KYC requirements.

10513

reusable-kyc-not-compatible-doc-type

400

Provided document type is not compatible with reusable KYC.

10514

reusable-kyc-not-actual-poi-date

400

Identity document is too old for reusable KYC.

10515

reusable-kyc-not-actual-poa-date

400

Proof of address document is too old for reusable KYC.

10516

reusable-kyc-not-acceptable-age

400

Applicant age does not meet reusable KYC requirements.

10517

reusable-kyc-incompatible-capture-settings

400

Capture settings are not compatible with reusable KYC requirements.

10518

reusable-kyc-email-mismatch

400

Applicant email address does not match reusable KYC data.

10519

reusable-kyc-phone-mismatch

400

Applicant phone number does not match reusable KYC data.

10520

copy-applicant-disabled

400

Applicant copying for reusable KYC is disabled.

10521

reusable-kyc-inactive-sumsub-id-account

400

Sumsub ID account is inactive.

10522

reusable-kyc-unsuitable-applicant-data

400

Applicant data is not suitable for reusable KYC.

10523

reusable-kyc-incompatible-doc-sub-type

400

Document subtype is not compatible with reusable KYC.

10524

reusable-kyc-inactive-id-doc

400

Provided identity document is inactive.

10525

reusable-kyc-unsuitable-questionnaire

400

Questionnaire data is not suitable for reusable KYC.

10526

reusable-kyc-token-env-mismatch

400

Share token environment does not match the current environment.

Sumsub ID Connect errors

Errors that may occur when using Sumsub ID Connect.

10600

sumsub-id-profile-not-found

401

Profile associated with the Sumsub ID Connect token could not be found. This could be because the profile was deleted.

10601

sumsub-id-profile-blocked

401

Profile associated with the Sumsub ID Connect token has been blocked and cannot be used.

10602

sumsub-id-app-disconnected

401

Profile associated with the Sumsub ID Connect token has revoked the connection between their Sumsub ID and your app.

10603

sumsub-id-access-token-invalid

401

Sumsub ID Connect token is malformed or expired.

10604

sumsub-id-connect-disabled

403

Sumsub ID Connect is not enabled for your client key.