Errors
Muamla uses conventional HTTP status codes. Every error response has the same JSON shape.
json
{
"error": {
"code": "invalid_amount",
"message": "amount must be an integer ≥ 100 (smallest MRU unit)."
}
}Status codes
| HTTP | Meaning |
|---|---|
200 / 201 | Success. |
400 | Validation error — check the message. |
401 | Missing, malformed, or invalid API key / credentials. |
403 | The key type isn't allowed (e.g. a publishable key on a secret-only endpoint). |
404 | The resource doesn't exist. |
409 | Conflict (e.g. the invoice has expired). |
500 | Unexpected server error — safe to retry. |
501 | Not implemented yet (e.g. live bank verification). |
503 | Service not configured (database unavailable). |
Error codes
| Code | HTTP | When |
|---|---|---|
unauthorized | 401 | No / invalid / revoked API key. |
forbidden | 403 | Secret key required for this endpoint. |
invalid_amount | 400 | amount missing or below 100. |
invalid_description | 400 | description missing. |
invalid_phone | 400 | phone missing when submitting a payment. |
not_found | 404 | Invoice not found. |
invoice_expired | 409 | Payment attempted after expired_at. |
not_implemented | 501 | Live bank verification not enabled yet. |
internal_error | 500 | Unexpected error — retry with backoff. |
Retries
Retry on 500 and network/timeout errors with exponential backoff. Do not retry 400/401/403/404 — fix the request instead.