For a comprehensive list of all possible scenarios, per API endpoint, check all the possible HTTP status codes...
... as well as all the potential errors that may be contained under that HTTP status code.
400 Bad Request
: The request is malformed or didn’t pass validation according to the endpoint’s OpenAPI schema.401 Unauthorized
: The request is missing authentication credentials or the provided credentials are invalid.403 Forbidden
: The request is authenticated but doesn’t have the necessary permissions (token scopes) to access the resource.404 Not Found
: The requested resource doesn’t exist.409 Conflict
: The request failed due to a business logic error.429 Too Many Requests
: The client has sent too many requests in a given amount of time and is being rate-limited.code
field in the error payload is where you primarily should look as it provides a more granular description of the failure.