Client Status Codes: Authorization
The below table provides the status codes and their descriptions, expected UI behavior (if applicable), and comments to include if you report the error to Verimatrix Customer Care.
| MDRM Error code | Message | Description | HTTP Error code |
|---|---|---|---|
| MDRM-500 | An unexpected error occurred while processing the request | Generic error | 500 |
| MDRM-501 | Authorization token is required | The Authorization token itself is missing in the header of the content encryption request or get license request. | 401 |
| MDRM-502 | Failed to decode JSON web token | The Authorization token in the header of the content encryption request or get license request is incorrect. | 401 |
| MDRM-503 | Recipient does not allow access for specified audience | The aud claim present in the payload of the JWT token sent via the header of the License request value is incorrect. It is restricted to the scope during the creation/import of signing key. | 403 |
| MDRM-504 | Failed to resolve JSON web key | 401 | |
| MDRM-505 | JSON web token is invalid | 401 | |
| MDRM-506 | Failed to resolve session JSON web key | 401 | |
| MDRM-507 | Unable to sign session JSON web token | The encode JWT token with private key does not match with the public key present in the database. | 500 |
| MDRM-508 | JSON web token is expired | The exp claim present in the payload of the JWT token sent via the header of the License request value is expired. | 401 |
| MDRM-509 | JSON web token is missing issued at (iat) claim | The keyId claim present in the header of the JWT token sent via the header of the License request value is disabled. | 401 |
| MDRM-510 | JSON web token is inactive and may not be processed before the not before (iat) claim timestamp | The iat claim present in the payload of the JWT token sent via the header of the License request epoch value is at a later time. | 401 |
| MDRM-511 | JSON web token is inactive and may not be processed before the not before (nbf) claim timestamp | The nbf claim present in the payload of the JWT token sent via the header of the License request epoch value is at a later time. | 401 |
| MDRM-512 | Failed to retrieve signing key from the database | The keyId claim present in the header of the JWT token sent via the header of the License request value is already deleted. | 401 |
| MDRM-513 | JSON web key is disabled | The keyId claim present in the header of the JWT token sent via the header of the License request value is already disabled. | 401 |
| MDRM-514 | Malformed signed CPIX request | The signed CPIX request is missing the required query parameters, kid, sub, and iss | 400 |
| MDRM-517 | Malformed Trust Tunnel Request | The Trust Tunnel request does not contain the required data, such as the license request and JWT | 400 |
| MDRM-518 | Failed to resolve Trust Tunnel master key | The Trust Tunnel request contains a Master Key Id that has not been registered with the system | 403 |
| MDRM-519 | Failed to decrypt Trust Tunnel request | The Trust Tunnel request cannot be decrypted using the Master Key | 400 |
| MDRM-520 | Invalid Trust Tunnel mode configuration for the request | The configured Trust Tunnel mode is Enforcing, and a non-Trust Tunnel request is received. It can also be seen when the configured Trust Tunnel mode is Off and a Trust Tunnel request is received | 403 |
| MDRM-521 | Invalid Trust Tunnel protocol for the request | The configured Trust Tunnel mode is set to Permissive (default), and the drm_protocol claim is set in the JWT, and it does not align with the request type (REST | Trust Tunnel) | 403 |
Updated 15 days ago
What’s Next