If something is missing, or in case of an error, the API returns an HTTP status different from 200 OK, and the response body contains the error description.
Here the example of an expired OAuth token:
HTTP/1.1 403 ProductNotAllowedException
"Valid auth token required"
"Es ist ein unbekannter Fehler aufgetreten (Code 2003)"
The status will always be error. The field error_details may contain useful details, for instance the problematic fields. If you need help from us, note down the supportId, and ask your project contact or our help desk.
You must also handle the situation that there is no response at all, or no JSON. There might be network issues, and filtering network appliances like firewalls or proxies. In many cases you don't need to care for these details, since our secuconnect SDK would do this for you.