Schema, contract, and parameter constraint validation failures.
Last reviewed: March 2, 2026|64 mapped errors|Page 3 of 5
Validation errors indicate request payload, query parameters, or API contract expectations were not satisfied by caller input.
Provider-specific error pages mapped to this category (64 total). Showing 31-45.
AWS S3 NotImplemented (HTTP 501) occurs when a request uses a feature or header that is recognized by the S3 protocol but not implemented by the specific endpoint. It is commonly encountered on S3-compatible storage providers or legacy regional endpoints.
AWS PasswordPolicyViolation means the provided password does not satisfy the active IAM account password policy (HTTP 400).
AWS PolicyNotAttachable means the policy cannot be attached because service-role policies are attachable only to their service-linked roles (HTTP 400).
AWS RequestExpired (Request Expired) means the request reached AWS outside the allowed signature time window. In AWS APIs, this error returns HTTP 400.
AWS ResourceInUseException means the requested DynamoDB operation cannot be performed because the target table or index is currently being created, updated, or deleted. The resource is in a transitional state that does not accept the requested change.
AWS ResourceNotFoundException (Resource Not Found Exception) means the target resource for that service operation cannot be found in the active request scope. Many AWS APIs return HTTP 404 for this error, while some services use HTTP 400.
AWS TokenRefreshRequired means the temporary token in the request must be refreshed before Amazon S3 will accept the operation. In Amazon S3, this error returns HTTP 400.
AWS TransactionConflictException means a DynamoDB transactional request conflicted with another concurrent item update (HTTP 400).
IAM returns `UnmodifiableEntity` when a protected resource, typically a service-linked role, is managed only by the owning AWS service and cannot be changed directly. IAM returns HTTP 400 for this condition.
AWS ValidationException (Validation Exception) means the input fails service validation constraints. In AWS APIs, this error returns HTTP 400.
Azure AADSTS70011 is a request-shape failure indicating that the `scope` parameter in the authentication request is malformed, misspelled, or contains scopes from multiple unrelated resources in a single token request.
Microsoft Entra ID returns `AADSTS90002` when the tenant identifier in the auth request cannot be found or resolved.
ARM returns `BadRequest` when deployment values or request structure do not match what Resource Manager expects.
Azure Storage returns `InvalidAuthenticationInfo` (401) when request authentication details are missing or invalid and the service cannot authenticate the caller.
ARM returns `InvalidRequestContent` when deployment payload values are unrecognized for the target resource type or required values are missing.
Compare Guide
Fix API payload issues faster by using 400 for malformed syntax and 422 for semantic validation failures, so clients correct format before business rules.
Playbook
Use this playbook to separate browser-enforced cross-origin policy failures from server-side CORS header and route defects and apply strict origin and credential controls safely.
Playbook
Use this playbook to separate malformed-request failures from semantic validation failures, then fix request contracts without broad server-side bypasses.
Contract expectations can change by version. If client and server versions drift, previously accepted fields or formats can become invalid.
Capture and diff full request payloads against a known-good example, then validate each field against the live API schema and constraints.
No. 400 is a broad class. Confirm whether the failure is contract validation, authentication syntax, or malformed transport metadata.