https://cloud.google.com/storage/docs/json_api/v1/status-codes
HTTP status and error codes for JSON
The following document provides reference information about the status codes and error messages that are used in the Cloud Storage JSON API. For the page specific to the Cloud Storage XML API, see HTTP status and error codes for XML.
Error Response Format
Cloud Storage uses the standard HTTP error reporting format for the JSON API. Successful requests return HTTP status codes in the 2xx range. Failed requests return status codes in the 4xx and 5xx ranges. Requests that require a redirect returns status codes in the 3xx range. Error responses usually include a JSON document in the response body, which contains information about the error.
The following examples show some common errors. Note that the header information in the responses is omitted.
401 UNAUTHORIZED
403 FORBIDDEN
404 NOT FOUND
409 CONFLICT
The following is an example of an error response you receive if you try to list the buckets for a project but do not provide an authorization header.
401 Unauthorized
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
The following table describes the elements that can appear in the response body of an error. Fields should be used together to help determine the problem. Also, the example values given below are meant for illustration and are not an exhaustive list of all possible values.
ElementDescription
|
code |
An HTTP status code value, without the textual description.
Example values include: 400 (Bad Request), 401 (Unauthorized), and 404 (Not Found). |
|
error |
A container for the error information. |
|
errors |
A container for the error details. |
|
errors.domain |
The scope of the error. Example values include: global, push, and usageLimits. |
|
errors.location |
The specific item within the locationType that caused the error. For example, if you specify an invalid value for a parameter, the location will be the name of the parameter.
Example values include: Authorization, project, and projection. |
|
errors.locationType |
The location or part of the request that caused the error. Use with location to pinpoint the error. For example, if you specify an invalid value for a parameter, the locationType will be parameter and the location will be the name of the parameter.
Example values include header and parameter. |
|
errors.message |
Description of the error.
Example values include Invalid argument, Login required, and Required parameter: project. |
|
errors.reason |
Example values include invalid, invalidParameter, and required. |
|
message |
Description of the error. Same as errors.message. |
HTTP Status and Error Codes
This section provides a non-exhaustive list of HTTP status and error codes that the Cloud Storage JSON API uses. The 1xx Informational and 2xx Success codes are not discussed here. For more information, see Response Status Codes in RFC 7231 §6, RFC 7232 §4, RFC 7233 §4, RFC 7235 §3, and RFC 6585.
302—Found
ReasonDescription
|
found |
Resource temporarily located elsewhere according to the Location header. |
303—See Other
ReasonDescription
|
mediaDownloadRedirect |
When requesting a download using alt=media URL parameter, the direct URL path to use is prefixed by /download. If this is omitted, the service will issue this redirect with the appropriate media download path in the Location header. |
304—Not Modified
ReasonDescription
|
notModified |
The conditional request would have been successful, but the condition was false, so no body was sent. |
307—Temporary Redirect
ReasonDescription
|
temporaryRedirect |
Resource temporarily located elsewhere according to the Location header. Among other reasons, this can occur when cookie-based authentication is being used, e.g., when using the Storage Browser, and it receives a request to download content. |
308—Resume Incomplete
Description
|
Indicates an incomplete resumable upload and provides the range of bytes already received by Cloud Storage. Responses with this status do not contain a body. |
400—Bad Request
[Domain.]ReasonDescription
|
badRequest |
The request cannot be completed based on your current Cloud Storage settings. For example, you cannot lock a retention policy if the requested bucket doesn't have a retention policy, and you cannot set ACLs if the requested bucket has Bucket Policy Only enabled. |
|
badRequestException |
The retention period on a locked bucket cannot be reduced. |
|
cloudKmsBadKey |
Bad Cloud KMS key. |
|
cloudKmsCannotChangeKeyName |
Cloud KMS key name cannot be changed. |
|
cloudKmsDecryptionKeyNotFound |
Resource's Cloud KMS decryption key not found. |
|
cloudKmsDisabledKey |
Cloud KMS key is disabled, destroyed, or scheduled to be destroyed. |
|
cloudKmsEncryptionKeyNotFound |
Cloud KMS encryption key not found. |
|
cloudKmsKeyLocationNotAllowed |
Cloud KMS key location not allowed. |
|
customerEncryptionAlgorithmIsInvalid |
Missing an encryption algorithm, or the provided algorithm is not "AE256." |
|
customerEncryptionKeyFormatIsInvalid |
Missing an encryption key, or it is not Base64 encoded, or it does not meet the required length of the encryption algorithm. |
|
customerEncryptionKeyIsIncorrect |
The provided encryption key is incorrect. |
|
customerEncryptionKeySha256IsInvalid |
Missing a SHA256 hash of the encryption key, or it is not Base64 encoded, or it does not match the encryption key. |
|
invalidAltValue |
The value for the alt URL parameter was not recognized. |
|
invalidArgument |
The value for one of fields in the request body was invalid. |
|
invalidParameter |
The value for one of the URL parameters was invalid. In addition to normal URL parameter validation, any URL parameters that have a corresponding value in provided JSON request bodies must match if they are both specified. If using JSONP, you will get this error if you provide an alt parameter that is not json. |
|
notDownload |
Uploads or normal API request was sent to a /download/* path. Use the same path, but without the /download prefix. |
|
notUpload |
Downloads or normal API request was sent to a /upload/* path. Use the same path, but without the /upload prefix. |
|
parseError |
Could not parse the body of the request according to the provided Content-Type. |
|
push.channelIdInvalid |
Channel id must match the following regular expression: [A-Za-z0-9\\-_\\+/=]+ |
|
push.channelIdNotUnique |
storage.objects.watchAll's id property must be unique across channels. |
|
push.webhookUrlNoHostOrAddress |
storage.objects.watchAll's address property must contain a valid URL. |
|
push.webhookUrlNotHttps |
storage.objects.watchAll's address property must be an HTTPS URL. |
|
required |
A required URL parameter or required request body JSON property is missing. |
|
resourceIsEncryptedWithCustomerEncryptionKey |
The resource is encrypted with a customer-supplied encryption key, but the request did not provide one. |
|
resourceNotEncryptedWithCustomerEncryptionKey |
The resource is not encrypted with a customer-supplied encryption key, but the request provided one. |
|
turnedDown |
A request was made to an API version that has been turned down. Clients will need to update to a supported version. |
|
userProjectInconsistent |
The user project specified in the request does not match the user project specifed in an earlier, related request. |
|
userProjectInvalid |
The user project specified in the request is invalid, either because it is a malformed project id or because it refers to a non-existent project. |
|
userProjectMissing |
The requested bucket has Requester Pays enabled, the requester is not an owner of the bucket, and no user project was present in the request. |
|
wrongUrlForUpload |
storage.objects.insert must be invoked as an upload rather than a metadata. |
401—Unauthorized
[Domain.]ReasonDescription
|
AuthenticationRequiredRequesterPays |
Access to a Requester Pays bucket requires authentication. |
|
authError |
This error indicates a problem with the authorization provided in the request to Cloud Storage. The following are some situations where that will occur:
|
|
lockedDomainExpired |
When downloading content from a cookie-authenticated site, e.g., using the Storage Browser, the response will redirect to a temporary domain. This error will occur if access to said domain occurs after the domain expires. Issue the original request again, and receive a new redirect. |
|
push.webhookUrlUnauthorized |
Requests to storage.objects.watchAll will fail unless you verify you own the domain. |
|
required |
Access to a non-public method that requires authorization was made, but none was provided in the Authorization header or through other means. |
403—Forbidden
[Domain.]ReasonDescription
|
accountDisabled |
The account associated with the project that owns the bucket or object has been disabled. Check the Google Cloud Platform Console to see if there is a problem with billing, and if not, contact account support. |
|
countryBlocked |
The Cloud Storage JSON API is restricted by law from operating with certain countries. |
|
forbidden |
According to access control policy, the current user does not have access to perform the requested action. This code applies even if the resource being acted on doesn't exist. |
|
insufficientPermissions |
According to access control policy, the current user does not have access to perform the requested action. This code applies even if the resource being acted on doesn't exist. |
|
objectUnderActiveHold |
Object overwrite or deletion is not allowed due to an active hold on the object. |
|
rateLimitExceeded |
The Cloud Storage rate limit was exceeded. Retry using exponential backoff. |
|
retentionPolicyNotMet |
Object overwrite or deletion is not allowed until the object meets the retention period set by the retention policy on the bucket. |
|
sslRequired |
Requests to this API require SSL. |
|
stopChannelCallerNotOwner |
Calls to storage.channels.stop require that the caller own the channel. |
|
usageLimits.accessNotConfigured |
This error implies that for the project associated with the OAuth token or the developer key provided, access to Cloud Storage JSON API is not enabled. This is most commonly because Cloud Storage JSON API is not enabled in the Google Cloud Platform Console, though there are other cases where the project is blocked or has been deleted when this can occur. |
|
UserProjectAccessDenied |
The requester is not authorized to use the project specified in their request. The requester must have either the serviceusage.services.use permission or the Editor role for the specified project. |
|
UserProjectAccountProblem |
There is a problem with the project used in the request that prevents the operation from completing successfully. One issue could be billing. Check the billing page to see if you have a past due balance or if the credit card (or other payment mechanism) on your account is expired. For project creation, see the Projects page in the Google Cloud Platform Console. For other problems, see the Resources and Support page. |
|
userRateLimitExceeded |
The developer-specified per-user rate quota was exceeded. If you are the developer, then you can view these quotas at Quotas pane in the Google Cloud Platform Console. |
404—Not Found
ReasonDescription
|
notFound |
Either there is no API method associated with the URL path of the request, or the request refers to one or more resources that were not found. |
405—Method Not Allowed
ReasonDescription
|
methodNotAllowed |
The HTTP verb is not supported by the URL endpoint used in the request. This can happen, for example, when using the wrong verb with the /upload or /download URLs. |
409—Conflict
ReasonDescription
|
conflict |
A request to change a resource, usually a storage.*.update or storage.*.patch method, failed to commit the change due to a conflicting concurrent change to the same resource. The request can be retried, though care should be taken to consider the new state of the resource to avoid blind overwriting of other agent's changes. |
410—Gone
Description
|
You have attempted to use a resumable upload session that is no longer available. If the reported status code was not successful and you still wish to upload the file, you must start a new session. |
411—Length Required
Description
|
You must provide the Content-Length HTTP header. This error has no response body. |
412—Precondition Failed
ReasonDescription
|
conditionNotMet |
At least one of the pre-conditions you specified did not hold. |
|
orgPolicyConstraintFailed |
Request violates an OrgPolicy constraint. |
413—Payload Too Large
ReasonDescription
|
uploadTooLarge |
The Cloud Storage JSON API supports up to 5 TB objects.
This error may, alternatively, arise if copying objects between locations and/or storage classes can not complete within 30 seconds. In this case, use the Rewrite method instead. |
416—Requested Range Not Satisfiable
ReasonDescription
|
requestedRangeNotSatisfiable |
The requested Range cannot be satisfied. |
429—Too Many Requests
[Domain.]ReasonDescription
|
usageLimits.rateLimitExceeded |
A Cloud Storage JSON API usage limit was exceeded. If your application tries to use more than its limit, additional requests will fail. Throttle your client's requests, and/or use truncated exponential backoff. |
500—Internal Server Error
ReasonDescription
|
backendError |
We encountered an internal error. Please try again using truncated exponential backoff. |
|
internalError |
We encountered an internal error. Please try again using truncated exponential backoff. |
502—Bad Gateway
This error is generated when there was difficulty reaching an internal service. It is not formatted with a JSON document. Please try again using truncated exponential backoff.
503—Service Unavailable
ReasonDescription
|
backendError |
We encountered an internal error. Please try again using truncated exponential backoff. |