Every microservice in the Digital Money House platform defines aDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Gianluca-X/DigitalMoney/llms.txt
Use this file to discover all available pages before exploring further.
@ControllerAdvice-annotated handler class that intercepts uncaught exceptions and converts them into well-structured HTTP responses. This centralised approach means you can write a single error-handling path in your client regardless of which service produced the error — the response shape and the mapping from exception type to HTTP status code are predictable and documented here.
Error Response Format
The accounts-serviceGlobalExceptionHandler returns a JSON object with four fields for every handled exception:
When parsing error responses, always inspect the HTTP status code first. Fall back to reading the
message field (accounts-service) or the raw response body (auth-service, user-service) to present a human-readable explanation.Exception Types and HTTP Status Codes
Accounts-service (GlobalExceptionHandler)
| Exception | HTTP Status | Meaning |
|---|---|---|
ResourceNotFoundException | 404 Not Found | Resource (account, card, etc.) does not exist |
BadRequestException | 400 Bad Request | Invalid request data or business rule violation |
ConflictException | 409 Conflict | State conflict (duplicate resource, etc.) |
UnauthorizedException | 401 Unauthorized | Caller does not have permission for the action |
AccessDeniedException (Spring Security) | 403 Forbidden | Access denied by the security layer |
InsufficientFundsException | 400 Bad Request | Sender balance is too low for the transfer |
CardAlreadyExistsException | 409 Conflict | Card has already been registered on the account |
CardNotFoundException | 404 Not Found | Specified card does not exist |
Exception (catch-all) | 500 Internal Server Error | Unhandled server-side error |
Auth-service (AuthExceptionHandler)
| Exception | HTTP Status | Meaning |
|---|---|---|
UserNotFoundException | 400 Bad Request | No user found matching the supplied email |
InvalidVerificationCodeException | 400 Bad Request | Email verification code is missing or incorrect |
InvalidPasswordException | 400 Bad Request | Password does not meet the required format |
EmailNotVerifiedException | 403 Forbidden | Login attempted before email address is verified |
Exception (catch-all) | 500 Internal Server Error | Unhandled server-side error |
User-service (GlobalExceptionHandler)
| Exception | HTTP Status | Meaning |
|---|---|---|
UnauthorizedException | 401 Unauthorized | Caller is not authorised to perform the action |
EmailAlreadyRegisteredException | 400 Bad Request | Duplicate email during registration |
UserNotFoundException | 404 Not Found | No user found with the given ID or email |
InvalidTokenException | 401 Unauthorized | Token is missing, malformed, or expired |
DniAlreadyExistsException | 400 Bad Request | DNI (national ID) is already registered |
AliasAlreadyExistsException | 400 Bad Request | Chosen account alias is already in use |
Exception (catch-all) | 500 Internal Server Error | Unhandled server-side error |
Notes on Specific Status Codes
410 Gone for Insufficient Funds
The cash-transfer endpoint (POST /accounts/{accountId}/transferences/money) catches InsufficientFundsException explicitly in the controller and returns 410 Gone:
If the same
InsufficientFundsException reaches the GlobalExceptionHandler (rather than the controller’s local catch block), it is mapped to 400 Bad Request instead. Clients should handle both 400 and 410 as potential insufficient-funds signals on transfer endpoints.403 vs 401 for Authentication and Authorisation Failures
| Scenario | Status |
|---|---|
No Authorization header present (accounts-service filter) | 401 Unauthorized |
| Malformed or expired JWT (accounts-service filter) | 401 Unauthorized |
EmailNotVerifiedException (auth-service) | 403 Forbidden |
AccessDeniedException from Spring Security (accounts-service) | 403 Forbidden |
UnauthorizedException (user-service or accounts-service) | 401 Unauthorized |
409 Conflict for Duplicate Resources
Attempting to register a card that already exists, register an email that is already in use, or set an alias or DNI that is already taken all produce 409 Conflict (accounts-service) or 400 Bad Request (user-service, which usesBAD_REQUEST for duplicate email, DNI, and alias).
Example Error Responses
Insufficient funds (410) — transfer endpoint:Handling Errors in Client Code
A robust client should follow this pattern when consuming any Digital Money House endpoint:- Check the HTTP status code before attempting to parse the body.
- For 4xx responses, parse the error body. Accounts-service returns a JSON object — read the
messagefield. Auth-service and user-service return a plain string. - For 5xx responses, surface a generic failure message and log the raw body for diagnostics. Do not retry 5xx responses automatically without exponential backoff.
- For 401, clear the stored token and redirect to the login screen — the session has expired or the token is invalid.
- For 403, inform the user they do not have permission for the action. Do not re-authenticate; the token itself is valid.
Validation Errors
Several endpoints accept request bodies annotated with@Valid (e.g. user registration and update endpoints in the user-service). When a submitted field fails a Bean Validation constraint, Spring returns 400 Bad Request with a validation-error payload before the request even reaches controller logic. The response body in this case comes from Spring’s default MethodArgumentNotValidException handler, not from the custom GlobalExceptionHandler, and contains an errors array listing each failed field and constraint message.
