GraphQL errors return a standard { "errors": [...] } payload with message and extensions.code.
| Situation | Typical response |
|---|---|
| Missing token | HTTP 401 or GraphQL auth error |
| Invalid token | Authentication failure |
| Validation error | GRAPHQL_VALIDATION_FAILED |
| Permission denied | Field or operation not allowed for app scope |
Debug before production
Use the in-app playground to validate queries and inspect error payloads.
- 401 — Check
x-app-tokenheader and appisEnabledstatus - Permission denied — App user group may not include the operation; adjust scopes in
/developer/apps - Validation — Field names and arguments must match the schema reference