Every error the LMS Backend returns follows a predictable JSON structure. Understanding this structure lets you write a single error-handling path in your client and branch onDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Pragyat-Nikunj/Learning-Management-System-backend/llms.txt
Use this file to discover all available pages before exploring further.
status or HTTP status code only when you need to handle a specific case differently. There is one notable exception: validation errors use a distinct shape described below.
Standard error response
When a request fails, the server responds with a JSON object containingstatus and message fields. The status value is "fail" for client errors (4xx) and "error" for server errors (5xx), derived from the ApiError class in error.middleware.js.
NODE_ENV=development), the server appends the full stack trace to help you debug:
HTTP status codes
401 — Unauthenticated
401 — Unauthenticated
The request reached a protected route but no valid session was found. This happens in two situations, both handled by Token present but invalid or expired:To resolve a
isAuthenticated in auth.middleware.js:No token cookie present:401, sign in via POST /api/v1/user/signin to receive a fresh token cookie, then retry the request.400 — Validation error
400 — Validation error
Validation errors are returned by the There is no top-level
validate middleware in validation.middleware.js before a request handler runs. They use a different shape from all other errors: instead of a single message string, the response body is an object with an errors array. Each element identifies the invalid field and describes the problem.status key in validation error responses. Check for the presence of the errors array to detect this case in your client code.Common validation constraints enforced on sign-up:| Field | Rule |
|---|---|
email | Must be a valid email address |
name | 2–50 characters after trimming whitespace |
page (query) | Optional; must be a positive integer |
limit (query) | Optional; must be between 1 and 100 |
403 — Forbidden
403 — Forbidden
The request is authenticated but the caller does not have permission to perform the action. A common example is an instructor attempting to modify a course owned by a different instructor.A
403 is distinct from a 401: a 401 means the server does not know who you are; a 403 means the server knows who you are but is refusing the action.404 — Not found
404 — Not found
The requested resource does not exist. This is returned both for missing domain objects (a course, a user) and for routes that do not match any registered handler.Missing resource (e.g., course or user lookup):Unrecognized route:
500 — Internal server error
500 — Internal server error
An unexpected condition prevented the server from fulfilling the request. In production, the response contains only the message. In development, If you receive a
stack is also included.500, check the server logs. The error is logged to console.error with the full stack trace regardless of NODE_ENV.Validation errors vs. all other errors
The two response shapes are intentionally different. Use the table below to decide how to handle each in your client:| Condition | Top-level keys | How to detect |
|---|---|---|
| Standard error | status, message (+ stack in dev) | response.status !== 200; read body.message |
| Validation error | errors (array of { field, message }) | body.errors is an array |
Quick reference
| Status code | Meaning | status field |
|---|---|---|
400 | Validation failed — see errors array | (not present) |
401 | Not logged in or invalid token | "fail" |
403 | Authenticated but not permitted | "fail" |
404 | Resource or route not found | "fail" / "error" |
429 | Rate limit exceeded | (plain text message) |
500 | Unexpected server error | "error" |