An error response indicating the input parameters for an API call failed validation.

Most API calls that produce this error use an HTTP status of 400 (Bad Request) by default. For convenience, you can change the HTTP response status in those cases by including an __error_ok__ parameter in your request object (the value of the parameter is ignored), which causes WingCash to use an HTTP status of 200 OK for InvalidRequests.


Contains the string invalid or invalid_token.
An ASCII description of the error.
Optional. APIs for sending cash sometimes provide this attribute. It is a list of details about why the attempt to send cash failed. Each item in the list contains code (a string), field_name (a string), and info (an object with attributes corresponding to the code).
Optional. An object with field-specific validation errors.

This attribute is present only when the error attribute is invalid_token. It contains a code that describes why the token is invalid. The possible values include:

  • app_credentials_changed
  • app_not_found
  • app_removed
  • device_disabled
  • device_removed
  • incorrect_app_for_oauth_code
  • incorrect_site_for_oauth_code
  • incorrect_site_for_token
  • invalid_oauth_code
  • missing_token
  • not_authorized_for_app
  • not_manager
  • oauth_code_expired
  • oauth_code_incorrect
  • oauth_code_not_recognized
  • oauth_code_reused
  • personal_profile_missing
  • profile_credentials_changed
  • profile_missing
  • redirect_uri_mismatch
  • token_expired_hard
  • token_expired_soft
  • token_incorrect
  • token_invalid
  • token_not_recognized

Apps can refresh the access token only when either the access token is still valid or the token_error value is token_expired_soft.

Used In

Most API calls can respond with InvalidRequest. When that happens, the response body is an InvalidReqest JSON object.