Skip to content

Error Reference

HTTP Status Codes

CodeMeaning
200Success
400Bad Request — invalid input, missing fields
401Unauthorized — missing or invalid API key / JWT
403Forbidden — valid auth but insufficient permissions
404Not Found — resource does not exist
409Conflict — duplicate submission, already exists
429Too Many Requests — rate limit exceeded

Error Response Format

Errors return a JSON body with an error field:

json
{
  "error": "Missing required fields: roundId, manifestJson, manifestHash, ticketCount"
}

Some endpoints include additional fields:

json
{
  "error": "A pending application already exists for this email",
  "applicationId": "app_xxx"
}

Common Error Codes

ErrorCauseResolution
Missing required fieldsRequest body missing required parametersInclude all required fields
Invalid Ethereum address formatAddress not 0x + 40 hex charsUse valid EVM address
Invalid email formatMalformed emailUse valid email
Round not foundInvalid round IDCheck round exists via /api/public/rounds
Operator not foundInvalid operator IDVerify operator is registered
Missing X-Ultima-Key headerNo API key providedAdd X-Ultima-Key: ulk_...
Invalid API keyWrong or revoked keyVerify key, request new if needed
Missing X-Application-Token headerApplication status check without tokenAdd token from apply response
Invalid application tokenWrong token for applicationUse token returned by apply
No webhook URL configuredTest webhook without URLPUT /api/operator/webhook first
Unknown event typeInvalid eventType in test-webhookUse one of the documented event types
Manifest already submitted for this roundDuplicate manifestOne manifest per operator per round
Round is not in OPEN or SEALING stateWrong round stateSubmit only when round is OPEN or SEALING

Rate Limits

  • Public API: Generous limits for transparency queries
  • Operator API: Authenticated rate limits apply; 429 returned when exceeded

Retry with exponential backoff on 429.