- How to detect errors
- FORBIDDEN error
- Advertiser is in a restricted moderation status
- You are missing permissions for this action
- Advertiser is requesting an update to a job claimed by a different advertiser
- UNAUTHENTICATED error
- BAD_USER_INPUT error
- NOT_FOUND error
- DOWNSTREAM_SERVICE_ERROR or INTERNAL_SERVER_ERROR
- Retry strategy
- Get support
Troubleshoot Job Update API errors
Common Job Update API errors and how to resolve them.
How to detect errors
The Job Update API returns errors in GraphQL responses. Most errors return HTTP 200, with error details in the response body.
Always check the errors array, even when the HTTP status is 200:
{ "data": null, "errors": [{ "message": "Error description", "extensions": { "code": "FORBIDDEN" } }]}Use extensions.code to identify the error type, such as FORBIDDEN, BAD_USER_INPUT, or NOT_FOUND.
FORBIDDEN error
code | FORBIDDEN |
|---|---|
| Summary | The access token does not have permission for the requested operation. Check the |
Advertiser is in a restricted moderation status
{ "errors": [{ "extensions": { "code": "FORBIDDEN", "message": "Advertiser is in a restricted moderation status" } }]}The advertiser associated with the OAuth token is restricted as a spam-protection measure.
To resolve:
- Contact your partner manager to remove the restriction.
You are missing permissions for this action
{ "errors": [{ "extensions": { "code": "FORBIDDEN", "message": "You are missing permissions for this action. Ask your administrator for the permissions [Hosted_Job Create, Hosted_Job Update, Hosted_Job Read]" } }]}The user associated with the OAuth token does not have permission to update jobs.
To resolve:
- Verify that the OAuth client was created with an admin user.
- Grant
Hosted_Job Create,Hosted_Job Update, andHosted_Job Readto the user associated with the OAuth client. Any admin user can grant these permissions. See Indeed account settings.
Advertiser is requesting an update to a job claimed by a different advertiser
{ "errors": [{ "extensions": { "code": "FORBIDDEN", "message": "Advertiser is requesting an update to EJ (id=<EJID>), but the job is claimed by a different advertiser." } }]}Another advertiser already updated this job. Only one advertiser can update a job at a time.
To resolve:
- Verify that the OAuth token was requested for the correct advertiser.
- If another advertiser updated the job, use the clear job posting updates mutation.
This error can occur when:
- The agency can access the job through more than one advertiser.
- The employer edited the job in the UI and must undo those edits before the agency can update the job through the API.
UNAUTHENTICATED error
code | UNAUTHENTICATED |
|---|---|
| Summary | The OAuth token is expired or malformed. |
{ "errors": [{ "extensions": { "code": "UNAUTHENTICATED" } }]}To resolve:
- Verify that the OAuth token has not expired. Tokens are valid for 1 hour.
- Request a new access token.
- See Troubleshoot OAuth errors.
BAD_USER_INPUT error
code | BAD_USER_INPUT |
|---|---|
| Summary | The request is malformed. Check the |
{ "errors": [{ "extensions": { "code": "BAD_USER_INPUT" } }]}To resolve:
- Check the
messagefield to identify the invalid field. - Verify that the request fields are correctly formatted.
- See these API references for request examples:
NOT_FOUND error
code | NOT_FOUND |
|---|---|
| Summary | The job was not found. |
{ "errors": [{ "extensions": { "code": "NOT_FOUND" } }]}To resolve:
- Verify that
sourcedPostingIdis correct. - Verify that the OAuth token was requested for the correct advertiser.
This error can also occur if the requesting advertiser does not have permission to view the job.
DOWNSTREAM_SERVICE_ERROR or INTERNAL_SERVER_ERROR
code |
|
|---|---|
| Summary | An internal server error occurred. |
{ "errors": [{ "extensions": { "code": "DOWNSTREAM_SERVICE_ERROR" } }]}To resolve:
- Retry the request later.
- If the error continues, contact your partner manager.
Retry strategy
| Error | Retryable? | Strategy |
|---|---|---|
DOWNSTREAM_SERVICE_ERROR | Yes | Use exponential backoff |
INTERNAL_SERVER_ERROR | Yes | Use exponential backoff |
UNAUTHENTICATED (expired token) | Yes | Refresh the token, then retry once |
FORBIDDEN | No | Fix the permission issue |
BAD_USER_INPUT | No | Fix the request |
NOT_FOUND | No | Verify sourcedPostingId and the advertiser |
Get support
If the issue is not covered here:
- Check the GraphQL
messageandextensionsfields. - Verify that all required fields are present and correctly formatted.
- Test with minimal input first, then add fields incrementally.
- Contact your Indeed representative.
See also: