NAV
shell

Introduction

Welcome to the AimBrain’s API spec.

Current API Version: API v1

Modules

AimBrain supports multiple biometric modalities (modules) as part of its authentication platform. These modules can be used together (e.g. to step-up the authentication on high risk actions) or separately, depending on the specific use-case. Because AimBrain offers a public API, any module can be used in a cross-channel context (e.g. same Voice Module with mobile banking application and customer call center).

AimBrain Modules

At the core AimBrain uses advanced Deep Learning algorithms based on state of the art, PhD level, scientific research. The technology has multiple patents pending in UK and US.

Behavioural

With the behavioural modality AimBrain uses machine learning to track not what the user enters, but how they enter it. AimBrain monitors features such as touch pressure, typing speed, as well as movement.

The technology works in mobile applications and online websites.

Facial

The technology works in mobile applications and online websites.

Liveliness detection done via random-challenge request.

Voice

The technology is language agnostic and supports free speech as well as set-phrase authentication.

Liveliness detection done via spoken challenge-response token.

Works in mobile apps, online websites and call centres.

Security

AimBrain takes security very seriously. We adhere to the highest security industry standards and have daily penetration tests performed on the infrastructure and APIs.

API v1

All API requests use POST verb to prevent caching issues and request length limitations. Requests are passed in JSON format in the HTTP request body and MUST include the following header (alongside valid authentication headers):

Content-Type: application/json

Development Endpoint: https://api.aimbrain.com/

To offer lowest latency and thus best user experience to our clients we host our infrastructure in multiple regions. Please use a closest region to you when in production.

Region Name Region Production Endpoint
US East (N. Virginia) us-east-1 https://api.us-east-1.aimbrain.com/
US West (N. California) us-west-1 https://api.us-west-1.aimbrain.com/
US West (Oregon) us-west-2 https://api.us-west-2.aimbrain.com/
Asia Pacific (Mumbai) ap-south-1 https://api.ap-south-1.aimbrain.com/
Asia Pacific (Seoul) ap-northeast-2 https://api.ap-northeast-2.aimbrain.com/
Asia Pacific (Singapore) ap-southeast-1 https://api.ap-southeast-1.aimbrain.com/
Asia Pacific (Sydney) ap-southeast-2 https://api.ap-southeast-2.aimbrain.com/
Asia Pacific (Tokyo) ap-northeast-1 https://api.ap-northeast-1.aimbrain.com/
EU (Frankfurt) eu-central-1 https://api.eu-central-1.aimbrain.com/
EU (Ireland) eu-west-1 https://api.eu-west-1.aimbrain.com/
South America (São Paulo) sa-east-1 https://api.sa-east-1.aimbrain.com/

Architecture

Production architecture

AimBrain Production Architecture

Integration

This section provides an overview of how to integrate AimBrain into production systems as described in the architecture above. For specific SDK integration please view the relevant READMEs. The integration overview is provided as sequence diagrams below.

In these sequence diagrams interactions between the following components are shown:

Session

AimBrain Production Architecture

  1. iOS, Android
  2. iOS, Android

Behavioural

AimBrain Production Architecture

  1. iOS, Android
  2. iOS, Android

Facial

AimBrain Production Architecture

  1. iOS, Android
  2. iOS auth, iOS enroll, Android auth, Android enroll
  3. /face/auth or /face/enroll endpoint

Voice

AimBrain Production Architecture

  1. iOS, Android
  2. iOS, Android
  3. iOS auth, iOS enroll, Android auth, Android enroll
  4. /voice/auth or /voice/enroll endpoint

Authentication

To generate and run curl request using curl_hmac.py tool:

python2 curl_hmac.py test secret POST /v1/sessions\
    '{"userId": "user", "device":"device", "system":"system"}'

and to read request body from file:

python2 curl_hmac.py test secret POST /v1/sessions \
    -f "request_example_body.json"

Example output:

curl https://api.aimbrain.com:443/v1/sessions\
    -H 'Content-Type: application/json'\
    -H 'X-aimbrain-apikey: test'\
    -H 'X-aimbrain-signature: uPVe74VR9ncmxltwNX69pe6amFTMbJGM0Y8dIGk8vSI='\
    -d '{"userId": "user", "device":"device", "system":"system"}'

AimBrain uses API key pairs (API key and API secret) to allow access to the API. You can register a new API key by emailing us.

AimBrain expects for the API key and HMAC Signature to be included in all API requests to the server in the HTTP headers that look like the following:

X-aimbrain-apikey: api-key
X-aimbrain-signature: base64-hmac-signature

To make development, testing and debugging easier we provide a python tool for generating correctly signed and formed curl requests, as shown in the example.

Generating X-aimbrain-signature

Use base64 encoded HMAC SHA256 digest as the request signature:

X-aimbrain-signature = base64(HMAC_SHA256(secret, message)), where

secret is your API Secret, and

message = uppercase_http_method + '\n' + lovercase_endpoint + '\n' + request_body.

/v1/sessions

Download session_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/sessions \
    -f 'session_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/sessions \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: E7vPXCNHsJQhadkTruAbCE+q9fCmRK9Gf+wtl2/3yrA=' \
    --data @session_request_example_body.json

Example response:

{
    "behaviour":0,
    "face":0,
    "session":"test-user-test-user-1234567890-1459141412877914289"
}

This endpoint creates a server-side session and returns unique session id to be used with further API requests.

HTTP Request

POST /v1/sessions

Body

Parameter Description
userId
required
string
Random anonymous static ID used to identify app users.
device
required
string
User’s device name used in the Behavioural Module and to calculate the precise accuracy by only testing between users with the same device.
system
required
string
Operating system’s name and version used for tracking SDK’s usage statistics.
screenHeight
required
integer
User’s device screen height (px).
screenWidth
required
integer
User’s device screen width (px).

HTTP Response

Status code: 200 OK

Parameter Description
session string
Generated session id for use with other API requests to maintain session semantics.
face integer
Status of the Facial Module for given user (see below).
behaviour integer
Status of the Facial Module for given user and device pair (see below).

face parameter values:

Value Description
0 User not enrolled - facial authentication not available, enrollment required.
1 User enrolled - facial authentication available.
2 Building template - enrollment done, AimBrain is building user template and no further action is required.

behaviour parameter values:

Value Description
0 User not enrolled - behavioural authentication not available, enrollment required.
1 User enrolled - behavioural authentication available.

Custom Errors

No custom errors. Please see #errors for description of standard errors.

/v1/behavioural

Download behavioural_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/behavioural \
    -f 'behavioural_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/behavioural \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: TgDm+IwKlW3H3ILdB3ga0OOZGgZab4gM/9nW+X4NSHw=' \
    --data @behavioural_request_example_body.json

Example response:

{
    "status":0,
    "score":0
}

This endpoint enrolls and authenticates users based on the Behavioural Module.

HTTP Request

POST /v1/behavioural

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
touches
required
array of objects
List of touch events (see below).
accelerations
required
array of objects
List of accelerometer events (see below).
textEvents
required
array of objects
List of text change / typing events (see below).

touches object:

Parameter Description
tid
required
integer
Touch id as reported by the system (e.g. MotionEvent.getPointerId(int)) for Android
p
required
integer
Phase or action for the touch event, where: 0 - Began, 1 - Moved, 2 - Stationary, 3 - Ended, 4 - Cancelled.
t
required
integer
The the time (in ms) when this specific event was generated.
x
required
integer
Absolute X coordinate for the touch position (for elements tagged as sensitive MUST be reported as “0”).
y
required
integer
Absolute X coordinate for the touch position (for elements tagged as sensitive MUST be reported as “0”).
rx
required
integer
Relative X coordinate to the event element (e.g. button).
ry
required
integer
Relative Y coordinate to the event element (e.g. button).
r
required
float
Approximate size of touch area for the given touch id.
f
required
float
Force of pressure of touch for the given event.
ids
required
array of strings
List of identifiers of views in the order that touch event is propagating (for elements tagged as sensitive it MUST be reported as a hash of element id + locally generated salt which never leaves the user’s device).

accelerations object:

Parameter Description
t
required
integer
The the time (in ms) when this specific event was generated.
x
required
float
Acceleration in X direction.
y
required
float
Acceleration in Y direction.
z
required
float
Acceleration in Z direction.

textEvents object:

Parameter Description
t
required
integer
The the time (in ms) when this specific event was generated.
tx
required
string
Full text after the event / change.
ids
required
array of strings
List of identifiers of views in the order that touch event is propagating (for elements tagged as sensitive it MUST be reported as a hash of element id + locally generated salt which never leaves the user’s device).

HTTP Response

Status code: 200 OK

Parameter Description
score float
Probability, expressed as float between (0..1), that the current user is the original / enrolled user (only if the current user is already enrolled).
status integer
Status of the Behavioural Module for given user (see below).

status parameter values:

Value Description
0 User not enrolled - behavioural authentication not available, enrollment required.
1 User enrolled - behavioural authentication available.

Custom Errors

No custom errors. Please see #errors for description of standard errors.

/v1/face/enroll

Download face_enroll_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/face/enroll \
    -f 'face_enroll_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/face/enroll \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: VXNfJLbOntEVUlOp6UUwo8D4YyKjNtzspeBCOqZYM9A=' \
    --data @face_enroll_request_example_body.json

Example response:

{
    "imagesCount":2
}

This endpoint enrolls users based on the Facial Module.

HTTP Request

POST /v1/face/enroll

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
faces
required
array of strings
List of base64 encoded images or videos containing user face. H.264 encoded videos, JPEG and PNG formats supported. 640x480 maximum resolution, 500kB maximum size. In case of video, no longer than 3 seconds.

HTTP Response

Status code: 200 OK

Parameter Description
imagesCount integer
Number of images accepted for enrollment.

Custom Errors

Code Meaning Action
422 Well formed request received, but images were not accepted (reason specified in error field) Capture a NEW set of images and try again

Please also see #errors for description of standard errors.

/v1/face/auth

Download face_auth_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/face/auth \
    -f 'face_auth_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/face/auth \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: dBxk9M++dNhI7pk+tXvAVaUwlWuOPl8S4wlmrhKhSqs=' \
    --data @face_auth_request_example_body.json

Example response:

{
    "score":0.95256084,
    "liveliness":0.05330102
}

This endpoint authenticates users based on the Facial Module.

HTTP Request

POST /v1/face/auth

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
faces
required
array of strings
List of base64 encoded images or videos containing user face. H.264 encoded videos, JPEG and PNG formats supported. 640x480 maximum resolution, 500kB maximum size. In case of video, no longer than 3 seconds.

HTTP Response

Status code: 200 OK

Parameter Description
score float
Probability, expressed as float between (0..1), that the current user is the original / enrolled user.
liveliness float
Probability, expressed as float between (0..1), that the received video in faces array represent a live person as opposed being still image. In case of images are sent in faces, 0.0 is returned.

Custom Errors

Code Meaning Action
422 Well formed request received, but images were not accepted (reason specified in error field) Capture a NEW set of images and try again
424 Well formed request received, but we could not find an enrolled user with the supplied id Confirm if enrollnment was done for the specific user

Please also see #errors for description of standard errors.

/v1/face/compare

Download face_compare_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/face/compare \
    -f 'face_compare_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/face/compare \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: NwMmSbjqwsq7Y4x4Src7qHnIFerMhUTWcFxqLuAbbwg=' \
    --data @face_compare_request_example_body.json

Example response:

{
    "score":0.95256084,
    "liveliness1":0.05330102,
    "liveliness2":0.81412222
}

This endpoint compares two faces based on the Facial Module.

HTTP Request

POST /v1/face/compare

Body

Parameter Description
faces1
required
array of strings
List of base64 encoded images or videos containing user face. H.264 encoded videos, JPEG and PNG formats supported. 640x480 maximum resolution, 500kB maximum size. In case of video, no longer than 3 seconds.
faces2
required
array of strings
List of base64 encoded images or videos containing user face. H.264 encoded videos, JPEG and PNG formats supported. 640x480 maximum resolution, 500kB maximum size. In case of video, no longer than 3 seconds.

HTTP Response

Status code: 200 OK

Parameter Description
score float
Probability, expressed as float between (0..1), that the current user is the original / enrolled user.
liveliness1 float
Probability, expressed as float between (0..1), that the received video in faces1 array represent a live person as opposed being still image. In case of images are sent in faces1, 0.0 is returned.
liveliness2 float
Probability, expressed as float between (0..1), that the received video in faces2 array represent a live person as opposed being still image. In case of images are sent in faces2, 0.0 is returned.

Custom Errors

Code Meaning Action
422 Well formed request received, but images were not accepted (reason specified in error field) Capture a NEW set of images and try again

Please also see #errors for description of standard errors.

/v1/voice/token

Download voice_token_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/voice/token \
    -f 'voice_token_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/voice/token \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: isMJ65cfk0B4nJEx3YKroxrkTIkxlE0r/FJhyUVmgEQ=' \
    --data @voice_token_request_example_body.json

Example response:

{
    "token":"Hello, my password is 6-6-7, verify me"
}

This endpoint a token to be displayed during voice recording.

HTTP Request

POST /v1/voice/token

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
tokentype
required
string
The type of token to be returned.

HTTP Response

Status code: 200 OK

Parameter Description
token string
The token to be displayed during voice recording.

tokentype parameter values:

Value Description
enroll-1 Token type to be used during the first enrollment step.
enroll-2 Token type to be used during the second enrollment step.
enroll-3 Token type to be used during the third enrollment step.
enroll-4 Token type to be used during the fourth enrollment step.
enroll-5 Token type to be used during the fifth enrollment step.
auth Token type to be used during authentication.

Custom Errors

No custom errors. Please see #errors for description of standard errors.

/v1/voice/enroll

Download voice_enroll_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/voice/enroll \
    -f 'voice_enroll_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/voice/enroll \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: mUBC8eDZ45ObdC8IFll8gADoAsh70zGQcqPnYjVIsZI=' \
    --data @voice_enroll_request_example_body.json

Example response:

{
    "voiceSamples":1
}

This endpoint enrolls users based on the Voice Module.

HTTP Request

POST /v1/voice/enroll

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
voices
required
array of strings
List of base64 encoded voice samples of the user. 16k Hz sampling rate, 500kB maximum size. No longer than 5 seconds.

HTTP Response

Status code: 200 OK

Parameter Description
voiceSamples integer
Number of voice samples accepted for enrollment.

Please also see #errors for description of standard errors.

/v1/voice/auth

Download voice_auth_request_example_body.json and use:

python2 curl_hmac.py test secret POST /v1/voice/auth \
    -f 'voice_auth_request_example_body.json' -r

Alternatively:

curl https://api.aimbrain.com:443/v1/voice/auth \
    -H 'Content-Type: application/json' \
    -H 'X-aimbrain-apikey: test' \
    -H 'X-aimbrain-signature: wVeNTVyYGGfy119x5kOLoisuRTBttyxxht/sJpLy7g8=' \
    --data @voice_auth_request_example_body.json

Example response:

{
    "score":0.95256084,
    "liveliness":1.0
}

This endpoint authenticates users based on the Voice Module.

HTTP Request

POST /v1/voice/auth

Body

Parameter Description
session
required
string
Current Session ID as returned by /v1/sessions request.
voices
required
array of strings
List of base64 encoded voice samples of the user. 16k Hz sampling rate, 500kB maximum size. No longer than 5 seconds.

HTTP Response

Status code: 200 OK

Parameter Description
score float
Probability, expressed as float between (0..1), that the current user is the original / enrolled user.
liveliness float
Probability, expressed as float between (0..1), that the received voice samples in voices array represent a live person as opposed being a recording. In case voice token is not used, 0.0 is returned.

Custom Errors

Code Meaning Action
424 Well formed request received, but we could not find an enrolled user with the supplied id Confirm if enrollnment was done for the specific user

Please also see #errors for description of standard errors.

Errors

Example error:

{
    "error":"Unable to detect face in target image"
}

All errors are indicated by returning HTTP code which is NOT 200. Human readable description is returned via body in JSON format.

Parameter Description
error string
Human readable error description.

The AimBrain API uses the following error codes:

Code Meaning Action
400 Bad Request – malformed request received (e.g. missing API key, API signature, required parameters or malformed json) Inspect the error message and fix any errors
401 Unauthorized – your API key or API signature is invalid Check implementation and try generating a new key pair via dashboard
403 Forbidden – specified session with the id could not be found Generate and include a valid session id and try again
500 Internal Server Error – well formed request received, but we had a problem with our server Try again later

Authenticator

All API requests use POST verb to prevent caching issues and request length limitations. Requests are passed in JSON format in the HTTP request body and MUST include the following header (alongside valid authentication headers):

Content-Type: application/json

Endpoint: https://authenticator.aimbrain.com/

Authentication

To generate and run curl request using curl_hmac_authenticator.py tool:

python2 curl_hmac_authenticator.py bank secret POST /v1/requests\
    '{"ids":["XXXXXXXX"],"timeout":180,"modules":[0],"threshold":0.5,"attempts":3,"title":"Title","summary":"Summary"}'

Example output:

curl https://authenticator.aimbrain.com:443/v1/requests\
    -H 'Content-Type: application/json'\
    -H 'X-aimbrain-apikey: bank'\
    -H 'X-aimbrain-signature: /1vf7VfMHoLPcKgRBqTqATpP16MqoyyA3e05SgxtSxQ='\
    -d '{"ids":["XXXXXXXX"],"timeout":180,"modules":[0],"threshold":0.5,"attempts":3,"title":"Title","summary":"Summary"}'

AimBrain uses API key pairs (API key and API secret) to allow access to the API. You can register a new API key by emailing us.

AimBrain expects for the API key and HMAC Signature to be included in all API requests to the server in the HTTP headers that look like the following:

X-aimbrain-apikey: api-key
X-aimbrain-signature: base64-hmac-signature

To make development, testing and debugging easier we provide a python tool for generating correctly signed and formed curl requests, as shown in the example.

Generating X-aimbrain-signature

Use base64 encoded HMAC SHA256 digest as the request signature:

X-aimbrain-signature = base64(HMAC_SHA256(secret, message)), where

secret is your API Secret, and

message = uppercase_http_method + '\n' + lovercase_endpoint + '\n' + request_body.

/requests

Example use:

python2 curl_hmac_authenticator.py bank secret POST /v1/requests\
    '{"ids":["XXXXXXXX"],"timeout":180,"modules":[0],"threshold":0.5,"attempts":3,"title":"Title","summary":"Summary"}' -r

Alternatively:

curl https://authenticator.aimbrain.com:443/v1/requests
    -H 'Content-Type: application/json'
    -H 'X-aimbrain-apikey: bank'
    -H 'X-aimbrain-signature: /1vf7VfMHoLPcKgRBqTqATpP16MqoyyA3e05SgxtSxQ='
    -d '{"ids":["XXXXXXXX"],"timeout":180,"modules":[0],"threshold":0.5,"attempts":3,"title":"Title","summary":"Summary"}'

Example response:

{
    "requestid":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

Create new authentication request. Returns unique authentication ID which reflects the authentication request progress.

HTTP Request

POST /requests

Body

Parameter Description
ids
required
array of strings
List of authenticator IDs that the client wants to push notification to. More than one usually represents multiple devices held by the user.
threshold
required
number
Threshold (probability) of when we consider user successfully authenticated between 0..1. 0 - definitely not the user, 1 - definitely the user.
modules
required
array of integers
A list of allowed modules for authentication (0 - face, 1 - voice).
attempts
required
integer
Number of attempts that the user can fail authentication before considering the original authentication request as failed.
timeout
required
integer
A timeout, in Seconds, from the original authentication request after which it is considered as failed.
title
required
string
Title to show the user when requesting authentication.
summary
required
string
Summary to show the user when requesting authentication.
meta
optional
string
Custom field which will be included with response, limited to 1024 characters.

HTTP Response

Status code: 200 OK

Parameter Description
requestid string
A unique request id used for tracking the authentication request progress. Different from the one sent to the app.

Custom Errors

No custom errors. Please see #errors for description of standard errors.

/requests/REQUESTID/status

Example use:

python2 curl_hmac_authenticator.py bank secret \
  POST /v1/requests/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/status/ '' -r

Alternatively:

curl https://authenticator.aimbrain.com:443/v1/requests/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/status/
    -H 'Content-Type: application/json'
    -H 'X-aimbrain-apikey: bank'
    -H 'X-aimbrain-signature: yqgQpOzesjoUeEbIsqVNRilxKHewn8vX40qA6TCPza8='
    -d ''

Example response:

{
    "created":1488477936,
    "remaining_attempts":3,
    "remaining_time":0,
    "status":2,
    "attempts":[{
        "timestamp":1488477944,
        "id":"XXXXXXXXXX",
        "score":0.9908461,
        "module":0
    }],
    "request":{
        "timeout":180,
        "modules":[0],
        "ids":["XXXXXXXXXX"],
        "threshold":0.5,
        "attempts":3,
        "title":"Title",
        "summary":"Summary",
        "meta":""
    }
}

Query for the authentication request progress. Here the REQUESTID is the requestid from the /requests call response.

HTTP Request

POST /requests/REQUESTID/status

Body

No body is required with this request. The requestid is passed through the URL.

HTTP Response

Status code: 200 OK

Parameter Description
remaining_attempts integer
Remaining attempts.
remaining_time integer
Remaining time in seconds.
created integer
UTC timestamp.
status integer
Status of the authentication request (see below).
attempts array of objects
List of authentication attempts (see below).
request object
JSON Object to represent the original request parameters (see below).

status parameter values:

Value Description
0 Request created.
1 Notification sent.
2 Authenticated successfully.
3 Failed to authenticate within allowed attempts.
4 Failed to authenticate within allowed time (timed out).
5 User alerted the authentication request.
6 Other reason for failed authentication.

attempts object fields:

Field Description
module Modules used.
score Score of authentication.
id Authenticator ID used.
timestamp UTC timestamp.

request object fields:

Field Description
ids array of strings
List of authenticator IDs as sent originally.
threshold number
Threshold (probability) as sent originally.
modules array of integers
List of allowed modules as sent originally.
attempts integer
Number of attempts as sent originially.
timeout integer
Timeout as sent originally.
title string
Title as sent originally.
summary string
Summary as sent originally.
meta string
Custom meta info as sent originally.

Custom Errors

No custom errors. Please see #errors for description of standard errors.

Errors

All errors are indicated by returning HTTP code which is NOT 200. Human readable description is returned via body in JSON format.

Parameter Description
error string
Human readable error description.

The AimBrain API uses the following error codes:

Code Meaning Action
400 Bad Request – malformed request received (e.g. missing API key, API signature, required parameters or malformed json) Inspect the error message and fix any errors
401 Unauthorized – your API key or API signature is invalid Check implementation and try generating a new key pair via dashboard
403 Forbidden – specified session with the id could not be found Generate and include a valid session id and try again
500 Internal Server Error – well formed request received, but we had a problem with our server Try again later