Error Handling Architecture
Standardized error handling patterns across the API layer.
Global Exception Filterβ
All unhandled exceptions are caught by the global exception filter:
@Catch()
export class AllExceptionsFilter implements ExceptionFilter {
catch(exception: unknown, host: ArgumentsHost) {
const ctx = host.switchToHttp();
const response = ctx.getResponse<Response>();
const status =
exception instanceof HttpException
? exception.getStatus()
: HttpStatus.INTERNAL_SERVER_ERROR;
response.status(status).json({
statusCode: status,
message: this.getErrorMessage(exception),
timestamp: new Date().toISOString(),
});
}
}
Standard Error Responsesβ
400 Bad Requestβ
Validation errors return field-level details:
{
"statusCode": 400,
"message": ["email must be an email", "name should not be empty"],
"error": "Bad Request"
}
401 Unauthorizedβ
{
"statusCode": 401,
"message": "Unauthorized"
}
403 Forbiddenβ
Missing permissions:
{
"statusCode": 403,
"message": "You do not have permission to access this resource"
}
404 Not Foundβ
{
"statusCode": 404,
"message": "Record not found"
}
409 Conflictβ
Duplicate records:
{
"statusCode": 409,
"message": "Email already in use"
}
429 Too Many Requestsβ
Rate limiting:
{
"statusCode": 429,
"message": "ThrottlerException: Too Many Requests"
}
Custom Exceptionsβ
// Usage in services
throw new NotFoundException("Employee not found");
throw new ForbiddenException("Insufficient permissions");
throw new ConflictException("Email already exists");
throw new BadRequestException("Invalid date range");
Error Loggingβ
All 5xx errors are logged with full stack traces. 4xx errors are logged at warn level.
Related Pagesβ
- Request Lifecycle β request flow
- API Error Handling β client error handling