Schema, contract, and parameter constraint validation failures.
Last reviewed: February 13, 2026|54 mapped errors|Page 3 of 4
Validation errors indicate request payload, query parameters, or API contract expectations were not satisfied by caller input.
Provider-specific error pages mapped to this category (54 total). Showing 31-45.
AWS RequestExpired (Request Expired) means the request reached AWS outside the allowed signature time window. In AWS APIs, this error returns HTTP 400.
AWS ResourceNotFoundException (Resource Not Found Exception) means the target resource for that service operation cannot be found in the active request scope. Many AWS APIs return HTTP 404 for this error, while some services use HTTP 400.
AWS TransactionConflictException means a DynamoDB transactional request conflicted with another concurrent item update (HTTP 400).
IAM returns `UnmodifiableEntity` when a protected resource, typically a service-linked role, is managed only by the owning AWS service and cannot be changed directly. IAM returns HTTP 400 for this condition.
AWS ValidationException (Validation Exception) means the input fails service validation constraints. In AWS APIs, this error returns HTTP 400.
Microsoft Entra ID returns `AADSTS90002` when the tenant identifier in the auth request cannot be found or resolved.
ARM returns `BadRequest` when deployment values or request structure do not match what Resource Manager expects.
Azure Storage returns `InvalidAuthenticationInfo` (401) when request authentication details are missing or invalid and the service cannot authenticate the caller.
ARM returns `InvalidRequestContent` when deployment payload values are unrecognized for the target resource type or required values are missing.
Azure returns `StorageAccountAlreadyTaken` when the requested storage account name is already in use globally.
ARM returns `SubscriptionNotFound` when the deployment subscription cannot be accessed due to wrong subscription ID, format, or insufficient access.
Azure returns `ValidationError` when request values violate provider-side semantic rules, even if request syntax is structurally valid.
GCP INVALID_ARGUMENT means request input is malformed or violates API constraints, independent of current resource state.
GCP INVALID_REQUEST is typically a service-specific reason indicating malformed or semantically unsupported request composition.
HTTP 400 Bad Request means the server cannot process the request because syntax, framing, or parameters are invalid.
Compare Guide
Fix API payload issues faster by using 400 for malformed syntax and 422 for semantic validation failures, so clients correct format before business rules.
Playbook
Use this playbook to separate browser-enforced cross-origin policy failures from server-side CORS header and route defects and apply strict origin and credential controls safely.
Playbook
Use this playbook to separate malformed-request failures from semantic validation failures, then fix request contracts without broad server-side bypasses.
Contract expectations can change by version. If client and server versions drift, previously accepted fields or formats can become invalid.
Capture and diff full request payloads against a known-good example, then validate each field against the live API schema and constraints.
No. 400 is a broad class. Confirm whether the failure is contract validation, authentication syntax, or malformed transport metadata.