Response codes

What response codes mean and how to deal with them

The Intruder API uses standard HTTP response codes to indicate the success or failure of an API request.

Response codes in the 2xx range indicate success, i.e. the request was successful.

Response codes in the 4xx range meaning something went wrong, and it was due to the information you provided (e.g., a required parameter was omitted or invalid).

If you receive a response code in the 5xx range, that means something went wrong on Intruder's end (these errors are rare).

Here's an overview of the most common response codes:

HTTP status code

200 - OK

Everything worked as expected.

400 - Bad Request

The request was unacceptable, often due to missing a required parameter.

401 - Unauthorised

The access token provided was invalid.

403 - Forbidden

The access token doesn't have permissions to perform the request.

404 - Not Found

The requested resource doesn't exist.

409 - Conflict

The request conflicts with current state of an existing resource (e.g. you tried to add a target that exists already).

429 - Too Many Requests

Too many requests hit the API too quickly. We recommend an exponential backoff of your requests.

500, 502, 503, 504 - Server Errors

Something went wrong on Intruder's end. (These are rare.)