Skip to content

Standardized responses

Successful responses

200 - OK 

HTTP/1.1 200 OK
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:13:03 GMT 
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-record-pages: {"totalRecordsCount":1008,"totalPagesCount":51,"currentPageNumber":1,"firstPageNumber":1,"lastPageNumber":20} 
x-xss-protection: 0

[
{
    "code": "LOST",
    "description": "Lost"
},
{
    "code": "HOLDER_REQUEST",
    "description": "Requested by holder"
},
{
    "code": "STOLEN",
    "description": "Stolen"
},
{
    "code": "DETAINED",
    "description": "Detained"
},
{
    "code": "BANK",
    "description": "Bank"
},
{
    "code": "FRAUD",
    "description": "Fraud"
},
{
    "code": "BLOCK_ACCOUNT",
    "description": "Account blocked"
}
]

201 - Created 
HTTP/1.1 201 Created
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:13:03 GMT 
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0

  {
    "cardId": 32,
    "expiryDate": "2028-04-01T00:00:00Z"
  }
Parameter Location Type Example Description
cardId body integer 265 Internal Card ID
expiryDate body date "2024-04-10T08:54:30.070Z" Expiry date of Card
204 - No content 
HTTP/1.1 204 No content
cache-control: no-cache,no-store,max-age=0,must-revalidate 
date: Thu,27 Nov 2025 12:13:03 GMT 
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1 
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0

Error responses

If a specific endpoint doesn’t list an error explicitly, it follows the same general error conventions based on standard RFC 7807: Problem Details for HTTP APIs.

Example

HTTP/1.1 404 Not Found
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1 
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
  "type": "https://test.lightcms.io/problems/resource/entity-not-found",
  "title": "Entity not found",
  "status": 404,
  "detail": "Entity with id 108564234 not found in DB.",
  "instance": "/cms/v1/cards/108564234/activate",
  "timestamp": "2024-04-10T09:12:33.210Z",
  "traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
  "tenant": "1"
}

List of generic error responses

400 - Bad Request - Incorrect request 
HTTP/1.1 400 Bad Request
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
"type": "https://test.lightcms.io/problems/request-invalid",
"title": "Bad Request",
"status": 400,
"detail": "The request could not be understood or is missing required parameters.",
"instance": "/cms/v1/cards/108564234/activate"
"timestamp": "2024-04-10T08:44:01.857Z",
"traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
"tenant": "1"
}
400 - Bad Request - Incorrect request parameters 

HTTP/1.1 400 Bad Request
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
"type": "https://test.lightcms.io/problems/request-invalid-params",
"title": "Bad Request - incorrect parameters",
"status": 400,
"detail": "The request is missing required parameters.",
"instance": "/cms/v1/holders/1000105'"
"timestamp": "2024-04-10T08:44:01.857Z",
"traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"tenant": "1"
"invalid-params":
    [{
    "name": "holder.residenceAddress.country",
    "reason": "must be a valid alpha3 country code"
    },
    {
    "name": "holder.sex",
    "reason": "must be value MALE or FEMALE"
    }]
}

500 - Internal error 

HTTP/1.1 500 Internal Server Error
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
"type": "https://test.lightcms.io/problems/internal-error",
"title": "Internal Server Error",
"status": 500,
"detail": "The server encountered an unexpected condition that prevented it from fulfilling the request.",
"instance": "/cms/v1/cards/108564234/activate",
"timestamp": "2024-04-10T08:44:01.857Z",
"traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
"tenant": "1"
}

403 - Forbidden 

HTTP/1.1 403 Forbidden
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
"type": "https://test.lightcms.io/problems/forbidden",
"title": "Forbidden",
"status": 403,
"detail": "You do not have permission to activate this card.",
"instance": "/cms/v1/cards/108564234/activate"
"timestamp": "2024-04-10T08:44:01.857+1:00",
"traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
"tenant": "1"
}

404 - Not found 

HTTP/1.1 404 Not Found
cache-control: no-cache,no-store,max-age=0,must-revalidate 
content-type: application/json 
date: Thu,27 Nov 2025 12:38:16 GMT
expires: 0 
pragma: no-cache 
strict-transport-security: max-age=31536000; includeSubDomains 
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers 
x-trace-id: a1b2c3d4-e5f6-7890-abcd-ef1234567890
x-tenant: 1
x-content-type-options: nosniff 
x-frame-options: DENY 
x-xss-protection: 0 

{
"type": "https://test.lightcms.io/problems/resource/entity-not-found",
"title": "Entity not found",
"status": 404,
"detail": "Entity with id 108564234 not found in DB.",
"instance": "/cms/v1/cards/108564234/activate",
"timestamp": "2024-04-10T09:12:33.210Z",
"traceId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
"tenant": "1"
}