← Back to Dashboard Download .md

Errors

The API uses standard HTTP status codes to indicate the success or failure of requests.

Code Meaning Description
200 OK Request succeeded.
401 Unauthorized Invalid or missing API token.
403 Forbidden Token lacks permission for this scope.
404 Not Found The requested resource does not exist.
429 Too Many Requests You have exceeded your daily rate limit.
500 Server Error Something went wrong on our end.

Error Format

Errors are returned as JSON objects:

{
    "message": "Unauthenticated."
}

Or for rate limits:

{
    "error": "rate_limit_exceeded",
    "message": "Daily request limit exceeded.",
    "upgrade_url": "..."
}

VIP Feature Restrictions

If you attempt to use a feature that requires a VIP plan (e.g., Brute Force mode), you will receive a 403 Forbidden response:

{
    "error": "feature_not_available",
    "message": "Brute force mode is not available on the Free plan. Upgrade to VIP for full access.",
    "allowed_modes": ["smart", "dictionary"]
}

Plan Limits

If you exceed a limit specific to your plan (e.g., wordlist size), you will also receive a 403 Forbidden response explaining the limit:

{
    "error": "limit_exceeded",
    "message": "Free plan is limited to 1000 passwords per request. Upgrade to VIP for unlimited.",
    "limit": 1000,
    "provided": 10000
}

Policy Agreement Required

If you haven't agreed to the latest Terms of Service or Privacy Policy, all API requests will return a 403 Forbidden response:

{
    "error": "policy_agreement_required",
    "message": "You must agree to the updated policies before using the API.",
    "pending_policies": [
        {
            "type": "terms_of_service",
            "title": "Terms of Service",
            "version": "1.0"
        },
        {
            "type": "privacy_policy",
            "title": "Privacy Policy",
            "version": "1.0"
        }
    ],
    "agreement_url": "https://developer.nabzclan.vip/dashboard/policy"
}

To resolve this error, visit the agreement_url and accept the pending policies.

Token Restrictions

If your API token is restricted to specific IP addresses or domains and the request comes from an unauthorized source, you will receive a 403 Forbidden response:

{
    "message": "Access denied: Invalid IP address."
}

or

{
    "message": "Access denied: Invalid domain."
}

Ensure your server's IP address is whitelisted in your token settings or that you are sending the correct Referer / Origin header if using domain restrictions.