Contact us

Error Responses in APIs: What You Return Is What Developers Debug With

by Arif Ikhsanudin, Backend Developer

Your error response is your real documentation

When an API fails, nobody opens your docs first.

They look at the response.

If what they see is vague, inconsistent, or incomplete, they’re stuck:

  • guessing what went wrong
  • retrying blindly
  • digging through logs they may not even have access to

At that moment, your error response is the API.

If it’s not designed intentionally, developers will feel it immediately.

The common failure mode: generic, unhelpful errors

Most APIs start here:

{
  "error": "Something went wrong"
}

Or slightly better:

{
  "message": "Invalid request"
}

These technically signal failure, but they don’t help anyone fix it.

Developers need three things:

  1. what went wrong
  2. where it went wrong
  3. how to fix it (or at least what to check)

If your error doesn’t provide those, it’s incomplete.

A practical error structure that scales

A good baseline:

{
  "error": {
    "code": "INVALID_EMAIL",
    "message": "Email format is invalid",
    "details": {
      "field": "email"
    }
  }
}

Breakdown:

  • code → stable, machine-readable identifier
  • message → human-readable explanation
  • details → contextual data (optional but powerful)

This structure scales across:

  • validation errors
  • business logic errors
  • system failures

The key is consistency. Every endpoint should follow the same format.

Codes matter more than messages

Messages change. Codes shouldn’t.

Bad:

{
  "error": "Email is not valid"
}

Better:

{
  "error": {
    "code": "INVALID_EMAIL",
    "message": "Email is not valid"
  }
}

Why?

Clients can rely on code:

  • show specific UI messages
  • trigger fallback logic
  • group errors for analytics

Messages are for humans. Codes are for systems.

If you only return messages, every client ends up parsing strings. That never ends well.

Validation errors should be precise

If multiple fields fail validation, don’t collapse them:

{
  "error": {
    "code": "VALIDATION_FAILED",
    "message": "Invalid input"
  }
}

Return field-level detail:

{
  "error": {
    "code": "VALIDATION_FAILED",
    "message": "One or more fields are invalid",
    "details": [
      {
        "field": "email",
        "code": "INVALID_FORMAT"
      },
      {
        "field": "password",
        "code": "TOO_SHORT",
        "min_length": 8
      }
    ]
  }
}

Now the client can:

  • highlight specific fields
  • provide actionable feedback
  • avoid trial-and-error debugging

Don’t leak internals, but don’t hide everything either

There’s a balance between helpful and dangerous.

Bad (leaks internals):

{
  "error": "SQLSTATE[23505]: duplicate key value violates unique constraint \"users_email_key\""
}

Bad (too vague):

{
  "error": "Database error"
}

Better:

{
  "error": {
    "code": "EMAIL_ALREADY_EXISTS",
    "message": "An account with this email already exists"
  }
}

Expose what the client needs to act. Hide implementation details that could:

  • confuse consumers
  • expose vulnerabilities
  • lock you into internal designs

Correlation IDs turn guesswork into traceability

When something goes wrong in production, developers often need help from your team.

Give them a way to reference the failure:

X-Request-ID: 9f8c7a6b

{
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "Unexpected failure",
    "request_id": "9f8c7a6b"
  }
}

Now:

  • clients can log it
  • support teams can trace it
  • logs can be correlated across services

Without this, debugging becomes “can you reproduce it?” instead of “let’s look it up.”

Align errors with HTTP status codes

The error body is not a replacement for HTTP status codes.

Combine both:

HTTP/1.1 404 Not Found

{
  "error": {
    "code": "ORDER_NOT_FOUND",
    "message": "Order 1234 does not exist"
  }
}

This gives:

  • infrastructure → correct signal (4xx vs 5xx)
  • clients → structured detail

If you return 200 with an error body, you’ve already lost half the value.

Consistency across services matters more than perfection

In a multi-service system, inconsistency multiplies:

  • one service uses error.code
  • another uses error_type
  • another returns raw strings

Clients now need adapters per service.

Define a shared format and enforce it everywhere—even if it’s not perfect.

Consistency reduces cognitive load more than clever design.

The tradeoff: verbosity vs usability

Good error responses are more verbose:

  • larger payloads
  • more fields to maintain
  • more cases to define

But minimal errors push that complexity onto every client:

  • repeated debugging effort
  • duplicated validation logic
  • slower integrations

You either centralize clarity or distribute confusion.

What to do differently this week

Pick one error your API returns frequently.

Improve it:

  • add a stable error code
  • make the message specific
  • include contextual details

Then update one client to use that structure properly.

You’ll immediately see how much friction a good error response removes.

Scale Your Backend - Need an Experienced Backend Developer?

We provide backend engineers who join your team as contractors to help build, improve, and scale your backend systems.

We focus on clean backend design, clear documentation, and systems that remain reliable as products grow. Our goal is to strengthen your team and deliver backend systems that are easy to operate and maintain.

We work from our own development environments and support teams across US, EU, and APAC timezones. Our workflow emphasizes documentation and asynchronous collaboration to keep development efficient and focused.

  • Production Backend Experience. Experience building and maintaining backend systems, APIs, and databases used in production.
  • Scalable Architecture. Design backend systems that stay reliable as your product and traffic grow.
  • Contractor Friendly. Flexible engagement for short projects, long-term support, or extra help during releases.
  • Focus on Backend Reliability. Improve API performance, database stability, and overall backend reliability.
  • Documentation-Driven Development. Development guided by clear documentation so teams stay aligned and work efficiently.
  • Domain-Driven Design. Design backend systems around real business processes and product needs.

Tell us about your project

Say Hej

Our offices

  • Copenhagen
    1 Carlsberg Gate
    1260, København, Denmark
  • Magelang
    12 Jalan Bligo
    56485, Magelang, Indonesia

More articles

When Big Tech Owns Your Local Talent Pool — How Dublin Startups Hire Backend Engineers

You offered the role to your top candidate on Friday. On Monday she emailed to say Google matched. You never heard from her again.

Read more

When WFH Is Banned but Productivity Suffers

The office is full again. Desks are occupied, meetings are back-to-back. Yet somehow, less meaningful work gets done.

Read more

Monitoring Is Not Optional. It Is How You Know Your App Is Alive.

A service without meaningful monitoring is a service you're flying blind on. You don't know if it's working, degrading, or failing — until a user tells you. That is not an acceptable operational posture.

Read more

Spring Boot Testing Strategy — Unit Tests, Slice Tests, and When to Use @SpringBootTest

Spring Boot offers multiple testing approaches, each loading a different subset of the application context. The choice determines test speed, test scope, and how much infrastructure is required. Here is how to use each correctly.

Read more