# Errors

GraphQL errors return a standard `{ "errors": [...] }` payload with `message` and `extensions.code`.

| Situation | Typical response |
|  --- | --- |
| Missing token | HTTP 401 or GraphQL auth error |
| Invalid token | Authentication failure |
| Validation error | `GRAPHQL_VALIDATION_FAILED` |
| Permission denied | Field or operation not allowed for app scope |


Debug before production
Use the [in-app playground](https://karzoun.chat/developer/playground) to validate queries and inspect error payloads.

Open Playground
## Common fixes

- **401** — Check `x-app-token` header and app `isEnabled` status
- **Permission denied** — App user group may not include the operation; adjust scopes in `/developer/apps`
- **Validation** — Field names and arguments must match the [schema reference](/developers/apis/public-api)