Error Messages


What to Check

VLT-100: JSON validation error:

Check the submitted JSON is structurally correct.

VLT-102: Missing Required Field; One or More of

Messages lists missing field(s).

VLT-103: Authentication Failure.

Improperly calculated HMAC.

VLT-104: Authentication Failure.

Invalid credentials.

VLT-105: Authentication Failure.

Invalid credentials.

VLT-106: JSON Encode Error:

Review JSON formatting against documentation. Check the returned error message for specifics.

VLT-107: JSON Decode Error:

A frequent error is sending the ‘id’ parameter as a string vs. an integer. The ‘id’ parameter is the only integer in the tokenization API.

VLT-108: Submitted JSON missing ‘params’ value.

VLT-109: ‘token’ parameter length > 40 bytes.

Occurs when generating your own token IDs.

VLT-110: Header X-VAULT-TRACE-UID length > 64 bytes.

Reduce size of unique tracking ID.

VLT-111: ‘last4’ parameter larger than four UTF-8 characters.

Reduce size of string when manually setting ‘last4’ parameter.

VLT-112: This method is missing the following fields. Method:

Modify the API call to send the required field(s).

VLT-113: ‘last4’ parameter is not a valid four character UTF-8 string.

Possibly sending non UTF-8 encoded string.

VLT-114: Invalid Request.

Unable to understand what was sent via POST.

VLT-115: This method has parameters that are non valid UTF-8 strings. Method:

VLT-116: ‘encryptedValue’ parameter length > 11,000 bytes.

Occurs when using the store (vs. encrypt) methods. Maximum storable value length is 11,000 bytes, not 11,000 characters.

VLT-117: Invalid request. Does not have ‘params’ array.

VLT-118: Invalid request. Does not contain ‘transaction’ element, or it is not complete.

VLT-120: Request header X-VAULT-HMAC is missing.

VLT-121: Header ‘X-VAULT-TRACE-UID’ contains non-ASCII characters.

VLT-122: Unsupported HTTP Method.

POST is the only supported action.

VLT-130: Unknown Method:

VLT-132: Invalid Method:

VLT-133: Invalid Action:

The AuricVault® service does not recognize the requested payment action.

VLT-134: Processor does not support action:

The payment processor does not support the requested action.

VLT-139: Invalid Parameter Format.

VLT-153: JSON Decode error

VLT-154: Invalid JSON request:

VLT-155: Invalid amount:

VLT-160: Database Connection Failure.

VLT-171: ‘plainText’ parameter length > 11,000 bytes.

Occurs when using the encrypt, session_encrypt, or reencrypt requests. Maximum storable value length is 11,000 bytes, not 11,000 characters.

VLT-172: Invalid or expired session.

Sessions expire after 10 minutes.

VLT-173: ‘store_token’ attempted to overwrite existing token. Use ‘update_token’ to overwrite.

VLT-174: ‘update_token’ attempted to update non-existing token. Use ‘store_token’ instead.

VLT-175: ‘retrieve_token’ method cannot decrypt stored data. Use ‘decrypt’.

VLT-176: Token not found, or user does not have segment access privilege.

VLT-177: ‘decrypt’ method cannot decrypt user-encrypted data. Use ‘retrieve_token’.

VLT-178: Unable to validate session credentials.

The sessionID sent in with the session_encrypt or session_decrypt request is invalid.
  • Session ID has expired. The IDs are only good for 10 minutes.

  • Session ID used more than once. We’ve seen instances where the data flow causes the sessionID to be used twice.

  • Used too quickly from different vault.

    • We maintain the vault01 and vault02 servers.

    • It takes a few seconds for the session ID to replicate between the two.

    • If you are generating a session in vault01 then quickly trying to use it in vault02 you can see this error.

  • In rare occasions, people have left their debug code turned on, so they are getting session IDs from the sandbox and

    trying to use them in production.

VLT-179: Token already exists.

VLT-181: No ‘Read’ privilege.

VLT-182: No ‘Write’ privilege.

VLT-183: No ‘Delete’ privilege.

VLT-184: No ‘Encrypt’ privilege.

VLT-185: No ‘Decrypt’ privilege.

VLT-186: No ‘Token Info’ privilege.

VLT-187: No ‘Touch Token’ privilege.

VLT-188: Need ‘Encrypt’ or ‘Session Decrypt’ privilege to obtain a session.

VLT-189: No ‘Session Decrypt’ privilege.

VLT-190: Message timestamp is more than 30 seconds older than server time. Messages must be within a few seconds of current time. This reduces chance of a replay attack. Maintain an accurate time service (NTP) on your server. Browser-side requests do not check time.

VLT-191: Message timestamp is more than 5 seconds newer than server time.

VLT-193: No ‘Process Payment’ privilege.

VLT-194: No ‘Token Swap’ privilege.

VLT-195: Both token and auvToken fields are set. Use only one.

VLT-196: Unknown payment processor:

VLT-197: Specified both an account and a token. Use one or the other.

VLT-200: Unknown segment:

VLT-201: Unknown retention policy:

VLT-202: Invalid date; expected format is YYYY-MM-DD

VLT-203: Session token list limited to 5 tokens.

VLT-204: Requested token not in session decrypt token list.

VLT-205: Session contains decrypt token list. Cannot be used for encrypt.

VLT-206: Session request cannot have both ‘token list’ and ‘store-only’ parameters.

VLT-207: Decrypt session request must have ‘token list’ parameter.

VLT-208: Decrypt request for store-only token.

VLT-209: Requesting decrypt but session is encrypt-only.

VLT-210: Requesting encrypt but session is decrypt-only.

VLT-211: Need ‘Encrypt’ privilege to obtain a session.

VLT-212: Need ‘Session Decrypt’ privilege to obtain a session.

VLT-220: Need ‘storage attributes’ param to obtain a multi-encrypt session.

VLT-221: Cannot specify both a token list and storage attribute list.

VLT-222: ‘session_multi_encrypt’ call requires a multi-encrypt session.

VLT-223: ‘session_encrypt’ call cannot be used with a multi-encrypt session.

VLT-224: multi-encrypt plaintext list is longer than storage attributes list in session.

VLT-225: each element of multi-encrypt session storage attributes list must have 3 items.

VLT-300: Problem connecting to payment processor:

VLT-301: Internal error at payment processor:

VLT-513: Invalid or unsupported commerce indicator:

VLT-997: Accessed unknown field:

VLT-998: Unable to parse configuration file:

VLT-999: Unexpected error. Contact Auric Systems if this persists.