API Reference

Errors

Error codes and response format.

Overview

The API returns conventional HTTP status codes and a structured JSON error object with code, message, and optional param field for validation failures.

Who should read this

  • QA engineers, SREs, platform teams, and developers operating Zof Console and APIs.

When to use this workflow

  • Onboarding new team members to Zof terminology and workflows
  • Authoring internal runbooks aligned with Console labels
  • Designing CI/CD or webhook integrations against documented behavior

Step-by-step procedure

Confirm access

Verify organization membership and role permissions in Admin Center.

Confirm API key or SSO session is scoped to the correct tenant.

Apply this guidance

Follow Console navigation paths and API examples in this document.

Use staging project and environment IDs for first-time integration tests.

Verify outcomes

Check Operate → Runs, Quality areas, or API responses for expected results.

Update team runbooks when your stack requires environment-specific variations.

Key concepts

400 Bad Request
Malformed JSON, missing required field, or invalid parameter value.
401 Unauthorized
Missing, expired, or invalid API key.
403 Forbidden
Valid key but insufficient role permission for the operation.
404 Not Found
Resource ID unknown or not visible in your organization scope.
409 Conflict
State conflict, e.g., canceling a completed run.
429 Too Many Requests
Rate limit exceeded; honor Retry-After header.
500 Internal Server Error
Transient server fault; retry idempotent GETs with backoff.

Best practices

  • Validate changes in staging before applying release gates to production.
  • Include run IDs and timestamps when escalating issues to support or auditors.
  • Align internal runbook terminology with Zof Console UI labels for clarity.

Common issues

401 after key rotation
Update CI secrets with new key; revoke old key only after cutover.
403 on run create
Key owner role may lack runs:create; use service account with QA or admin role.

Error response shape

{
  "error": {
    "code": "invalid_request",
    "message": "environment must be one of: staging, production",
    "param": "environment"
  }
}

Was this page helpful?

01The operational surface

One surface for posture, operations, and what needs attention next.

The Zof home is not a marketing dashboard. It is the operational surface engineering, QA, and SRE teams use every day, quality posture, in-flight runs, coverage by module, and the actions a leader should look at next.

OPERATIONAL KPIs

  • Runs
  • Coverage
  • Risk

Live across every environment you ship to.

WORK SPINE

  • Specs
  • Tests
  • Schedules

From specification to scheduled regression.

GUARDRAILS

  • RBAC
  • SSO
  • audit

Every action attributable to a named human.

STAGING · LIVE/home
Zof AI home command center showing 12 runs at 94% pass, 3 open critical issues, 84% coverage, four module traceability bars, the specification pipeline, upcoming schedules, and recommended next actions with an active-runs sidebar.
Home view · Checkout Service · Staging · captured live from the product.
  • 01 · RUNS · 24H

    94% pass

    12 runs across staging

  • 02 · COVERAGE

    84%

    Across four modules

  • 03 · ACTIVE RUNS

    3 running

    Live on this branch

  • 04 · NEXT ACTIONS

    Recommended

    Triage gaps, new spec

Errors | Zof AI Documentation