Working with the API will bring 3 types of errors:

Validation errors
Authentication or authorization errors
Unknown errors

HTTP Status Code	Description
400 - Bad Request	This status code implies that the server couldn't understand the request due to invalid syntax, or there is a problem with the provided input. These types of errors are usually coming from validations.
401 - Unauthorized	This error code signifies that the request requires user authentication or that the current access token has expired.
403 - Forbidden	This status code means that the user is not allowed to access a specific resource or action
404 - Not found	Happens when a resource is not found or the client is not allowed to access it
500 - Internal Server Error	This is a generic error message, given when an unexpected condition was encountered by the server and no more specific message is suitable. In other words, it's a "catch-all" for server-side errors.

Validation Errors (400 - Bad Request)

Attribute	Type	Description
type	String	Link to the RFC
title	String	Brief explanation of the error
status	Integer	The error code
errors	Array	A more detailed explanation of the error

Example response

{
  "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
  "title": "One or more validation errors occurred.",
  "status": 400,
  "errors": {
    "Credentials": [
      "Email not found or combination of email and password incorrect"
    ]
  }
}