NullSpend

Standard error response format and complete catalog of error codes returned by the NullSpend proxy and dashboard API.

Every error response from NullSpend — both the proxy and the dashboard API — uses the same format:

{
  "error": {
    "code": "budget_exceeded",
    "message": "Request blocked: estimated cost exceeds remaining budget",
    "details": null
  }
}

code — Machine-readable error identifier. Use this for programmatic handling.
message — Human-readable explanation.
details — Additional context (object or null). Present on validation errors, session limits, and velocity limits.

Proxy Errors

These errors are returned by the NullSpend proxy (proxy.nullspend.dev).

Authentication

Code	HTTP	When	Fix
`unauthorized`	401	`X-NullSpend-Key` header is missing, malformed, or the key has been revoked	Verify the header is present and the key is active in Settings

Budget Enforcement

Code	HTTP	When	Fix
`budget_exceeded`	429	Estimated cost of this request exceeds the remaining budget	Increase the budget ceiling, wait for the period to reset, or remove the budget
`customer_budget_exceeded`	429	Estimated cost exceeds the customer-level budget limit	Increase the customer budget or remove the limit. The response `details` includes `customer_id`, `budget_limit_microdollars`, and `budget_spend_microdollars`
`velocity_exceeded`	429	Spend rate within the velocity window exceeds the configured limit	Wait for the cooldown period (check `Retry-After` header). The response `details` includes `limitMicrodollars`, `windowSeconds`, and `currentMicrodollars`
`session_limit_exceeded`	429	Cumulative spend for this session ID exceeds the session limit	Start a new session (new `X-NullSpend-Session` value) or increase the session limit. The response `details` includes `session_id`, `session_spend_microdollars`, and `session_limit_microdollars`
`tag_budget_exceeded`	429	Estimated cost exceeds a tag-level budget limit	Adjust the tag budget. The response `details` includes `tag_key`, `tag_value`, `budget_limit_microdollars`, and `budget_spend_microdollars`

Per-Customer Budgets (`/v1/bind`, `/v1/gate`, `/v1/customers/:id/unit-economics`)

Code	HTTP	Endpoint	When	Fix
`invalid_customer_id`	400	bind, gate, unit-economics	`customerId` missing, malformed (non-`[a-zA-Z0-9._:-]+`), or exceeds 256 chars	Send a valid customer ID
`invalid_plan_ref`	400	bind	`planRef` missing or exceeds 256 chars	Provide a non-empty plan label
`invalid_budget_cap`	400	bind	`budgetCap` not a non-negative integer (microdollars)	Send an integer 0 or greater
`invalid_margin_target`	400	bind	`marginTargetPercent` outside 0–100	Send an integer between 0 and 100 (or omit)
`invalid_estimate`	400	gate	`estimatedCostMicrodollars` not a positive integer (zero rejected)	Send a positive integer microdollar estimate
`invalid_feature`	400	gate	`feature` empty or exceeds 256 chars	Send a non-empty string up to 256 chars (or omit)
`invalid_idempotency_key`	400	bind, gate	`Idempotency-Key` exceeds 256 chars or contains non-printable-ASCII	Use a printable-ASCII key under 256 chars
`customer_data_unsupported`	400	bind	`customer_data` / `customerData` field present (Sprint 2 scope)	Remove the field; revisit in Sprint 2 when Stripe revenue sync ships
`customer_not_allowed`	403	bind, gate	`customerId` outside the API key's `allowedCustomers` scope	Use a key whose scope includes this customer, or remove `allowedCustomers` from the key
`not_found`	404	unit-economics	Customer not bound under the auth-resolved org (also covers cross-org / disallowed-customer to prevent enumeration)	Verify the customer is bound under your org
`binding_inactive`	409	bind	Existing binding has `status = "suspended"` or `"archived"`; reactivation requires admin path (Sprint 2)	Reactivate via admin path (when shipped) or use a new customer ID
`idempotency_conflict`	409	bind, gate	Same `Idempotency-Key` reused with a different request body	Use a fresh idempotency key for the new request
`idempotency_unavailable`	503	bind, gate	Postgres-side idempotency persistence failed	Retry without `Idempotency-Key`, or retry later. The route fails closed so the caller knows the request is not safely retryable with the original key

See Unit Economics API for the full request/response shapes and the Per-Customer Budgets guide for the conceptual model. | loop_detected | 429 | Repeated identical or similar prompts exceeded the loop-detection threshold within the sliding window | Inspect agent logic for retry loops. Adjust thresholds in budget settings, or set loop_max_calls to disable. Retry-After returns the recommended cooldown | | plan_limit_exceeded | 429 | Org exceeded its NullSpend plan-tier governed-request cap (Free tier hard-blocks today) | Upgrade via the upgrade_url returned in the body, or wait for the next period reset. Top-level error.upgrade_url and error.self_host_url are set on this denial | | budget_unavailable | 503 | Budget enforcement service is temporarily unavailable | Retry after a brief delay. The proxy fails closed — requests are blocked, not passed through |

Policy (Mandates)

Code	HTTP	When	Fix
`mandate_violation`	403	The request's model or provider is not in the API key's `allowed_models` / `allowed_providers` policy	Use a model/provider on the allow list. The response `details` includes `mandate` (`"allowed_models"` or `"allowed_providers"`), `requested`, and `allowed`

Request Validation

Code	HTTP	When	Fix
`bad_request`	400	Request body is not valid JSON or is missing required fields	Check the request body format
`invalid_model`	400	The `model` field is not in the pricing catalog	Check supported models
`payload_too_large`	413	Request body exceeds 1 MB	Reduce the request body size
`invalid_upstream`	400	`X-NullSpend-Upstream` URL is not in the allowlist	Use the default upstream or contact support to add your URL
`invalid_estimate`	422	The cost estimator could not produce a finite cost (e.g., negative or non-finite `max_tokens`)	Check that `max_tokens` / `max_completion_tokens` are positive finite integers

Rate Limiting

Code	HTTP	When	Fix
`rate_limited`	429	Too many requests. Default limits: 120/min per IP, 600/min per API key	Reduce request rate. Check the `Retry-After` header for when to retry

Rate limit responses include X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, and Retry-After headers. See the headers reference. For the full rate limiting reference, see Rate Limits.

Upstream & Server

Code	HTTP	When	Fix
`upstream_error`	502	The upstream provider returned an error or no response body	Check the provider's status page (e.g., status.openai.com)
`not_found`	404	The requested endpoint is not supported by the proxy	Supported endpoints: `POST /v1/chat/completions` (OpenAI), `POST /v1/messages` (Anthropic), `POST /v1/mcp/budget/check`, `POST /v1/mcp/events`
`internal_error`	500	Unexpected server error	Retry the request. If persistent, contact support with the `X-NullSpend-Trace-Id` from the response

Dashboard API Errors

These errors are returned by the NullSpend dashboard API (nullspend.dev/api/).

Validation

Code	HTTP	When	Fix
`invalid_json`	400	Request body is not valid JSON	Send valid JSON with `Content-Type: application/json`
`validation_error`	400	Request failed schema validation	Check `details.issues` for specific field errors
`unsupported_media_type`	415	`Content-Type` is not `application/json`	Set the `Content-Type` header
`payload_too_large`	413	Request body exceeds the max size	Reduce the request body

Validation error details include an issues array:

{
  "error": {
    "code": "validation_error",
    "message": "Request validation failed.",
    "details": {
      "issues": [
        { "path": ["amount"], "message": "Expected number, received string" }
      ]
    }
  }
}

Resources

Code	HTTP	When	Fix
`not_found`	404	The requested resource does not exist	Verify the resource ID
`limit_exceeded`	409	Resource limit reached for the organization's tier (e.g., Free: 10 keys, 2 webhooks, 3 budgets)	Delete unused resources or upgrade to a higher tier

HITL Actions

Code	HTTP	When	Fix
`invalid_action_transition`	409	Invalid state transition (e.g., approving an already-rejected action)	Check the action's current state before transitioning
`stale_action`	409	The action was modified by another actor since you last fetched it	Re-fetch the action and retry
`action_expired`	409	The action's TTL has expired	Create a new action

Rate Limiting

Code	HTTP	When	Fix
`rate_limit_exceeded`	429	Too many requests (per-IP or per-key)	Reduce request rate. Check the `Retry-After` header

Note: The proxy uses rate_limited while the dashboard API uses rate_limit_exceeded. Handle both codes if your application calls both services.

Authentication & Authorization

Code	HTTP	When	Fix
`authentication_required`	401	No valid session or API key	Log in or provide a valid `X-NullSpend-Key` header
`forbidden`	403	Authenticated but not authorized to access this resource	Verify you own the resource

Server

Code	HTTP	When	Fix
`service_unavailable`	503	A downstream service is temporarily unavailable	Retry after a brief delay
`internal_error`	500	Unexpected server error	Retry the request

HTTP Status Code Summary

Status	Meaning
400	Bad request — check your input
401	Identity unknown — check your API key or session
403	Identity known but not authorized
404	Resource or endpoint not found
409	Conflict — resource limit or state conflict
413	Request body too large
415	Wrong content type
429	Rate or budget limit exceeded — check `Retry-After`
500	Server error — retry
502	Upstream provider error
503	Service temporarily unavailable — retry

Handling Errors Programmatically

const response = await fetch("https://proxy.nullspend.dev/v1/chat/completions", {
  method: "POST",
  headers: {
    "Authorization": `Bearer ${process.env.OPENAI_API_KEY}`,
    "X-NullSpend-Key": process.env.NULLSPEND_API_KEY,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ model: "gpt-4o", messages: [{ role: "user", content: "Hello" }] }),
});

if (!response.ok) {
  const { error } = await response.json();
  switch (error.code) {
    case "budget_exceeded":
      // Notify the user, queue for later, or request budget increase
      break;
    case "velocity_exceeded":
      // Back off and retry after Retry-After seconds
      const retryAfter = response.headers.get("Retry-After");
      break;
    case "rate_limited":
      // Reduce request rate
      break;
    case "loop_detected":
      // Stop the agent loop — repeated calls were blocked
      break;
    case "plan_limit_exceeded":
      // Surface the upgrade CTA
      console.log(`Plan cap hit. Upgrade: ${error.upgrade_url}`);
      break;
    case "mandate_violation":
      // Switch to an allowed model/provider
      console.log(`Allowed: ${error.details?.allowed?.join(", ")}`);
      break;
    default:
      console.error(`NullSpend error: ${error.code} — ${error.message}`);
  }
}

API Reference

API Overview — authentication, pagination, ID formats
Cost Events API — ingest, list, and analyze cost events
API Keys API — create, list, revoke keys, and introspect identity
Budgets API — create, manage, and query budgets
Webhooks API — manage webhook endpoints and deliveries
Actions API — human-in-the-loop approval workflows

Errors

On this page