API debug mode
Enable the API debug mode
To use the API debug mode, you have to enable it. You can find this setting in the project settings, and you have to enable it for every project for which you want to use the API debug mode.
Use the API debug mode
If a verification or statistic API request fails or returns a non-successful response, the API will add more data if the API debug mode is enabled. This can help to understand why a request failed.
Example
If the request signature for a request was not successfully verified, the API will return the following response:
Without API debug mode enabled
{
"error":true,
"errorMessage":"Request invalid."
}
With API debug mode enabled
{
"error":true,
"errorMessage":"Request invalid.",
"debugInformation":{
"reason":"hmac_hash_invalid",
"expectedHmacHash":"85def7eb34fb888b0f7cc81e2ce416bf991498021cb302bf74cd1ed014384240",
"receivedHmacHash":"85def7eb34fb888b0f7cc81e2ce416bf991498021cb302bf74cd1ed014384241",
"payload":"\/api\/v1\/verification\/verify{\u0022submitToken\u0022:\u0022tMGF3RKb7u0Lg43R0aNmEvqFiBeb5f4jFu9jRnMGx2Q\u0022,\u0022validationSignature\u0022:\u00220d3aaea371261e6c7500dcee54fe23dceb12762a315df8bf539a9f5694442dbb\u0022,\u0022formSignature\u0022:\u002239a1b002684efdffb4255960520cc98d30de62a56299b585ebebd6beb090ed1f\u0022,\u0022formData\u0022:{\u0022emailAddress\u0022:\u002290adf74020cede3f838394bfc64d2981f7a60f06bd91dd55fcdf299970a3b1b9\u0022,\u0022first-name\u0022:\u00222d973910e3661a7aa7b6652ea399ad0134baabf8b8ede57e8061fe5e699c20fd\u0022,\u0022last-name\u0022:\u002246807bff9019eb387190a79fc24ccff43220ffd92cbf5897dd7cd0b3deddb4ea\u0022,\u0022message\u0022:\u0022304cc1877b9b333c560188e306f9f21a4880fdf2ff98e33f7c840fffd41a19cb\u0022,\u0022website\u0022:\u0022e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\u0022}}"
}
}
Additionally available data
The additional debug data is added to the response in the field debugInformation. If this field is unavailable in the response, then the API debug mode is either not enabled, or the request was successful. If the verification request was successful, but not all fields could be verified successfully, the debug data is added to the list of issues for every field.
The fields below are set in the response, depending on the type of error:
| Field name | APIs | Type of error | Description |
|---|---|---|---|
reason | Both | General error | Specifies the reason why the request failed (see Reasons). |
expectedHmacHash | Both | Authorization error | Specifies the hash which mosparo calculated. |
receivedHmacHash | Both | Authorization error | Specifies the hash which mosparo received. |
payload | Both | Authorization error | Specifies the data mosparo used to calculate the HMAC hash. |
hasSubmitToken | Verification | Verification error | Specifies if the submit token was set in the request. |
hasValidationSignature | Verification | Verification error | Specifies if the validation signature was set in the request. |
hasFormSignature | Verification | Verification error | Specifies if the form signature was set in the request. |
minimumTimeExpected | Verification | Verification error | Specifies the expected minimum time if the minimum time security feature is enabled. |
minimumTimeElapsed | Verification | Verification error | Specifies the elapsed time if the minimum time security feature is enabled. |
expectedSignature | Verification | Verification error | Specifies the expected validation signature. |
receivedSignature | Verification | Verification error | Specifies the received validation signature. |
signtaurePayload | Verification | Verification error | Specifies the payload used to calculate the expected signature. |
expectedValue | Verification | Field verification error | Specifies the expected value for the field. |
receivedValue | Verification | Field verification error | Specifies the received value for the field. |
Reasons
| Reason | Description |
|---|---|
field_not_in_received_data | The hash for this field was not set in the request. |
field_signature_invalid | The hash for the field calculated by mosparo is different from the hash specified in the request. |
hmac_hash_invalid | The request signature, an HMAC hash specified as the password in the Authorization header, was not equal to the expected one. |
minimum_time_invalid | The minimum time has not elapsed, and the verification is too early. |
required_parameter_missing | One of the required parameters is missing. |
submit_token_not_found | The given submit token cannot be found in the database. |
submit_token_not_valid | The given submit token is invalid, maybe because the submit token was already used. |
validation_signature_invalid | The given validation signature is different from the one mosparo has calculated. |