Auth

Errors

Error taxonomy, retry policy, and route-specific failure interpretation.

Common HTTP classes

400 malformed input or expired verification codes.
401 bad token or wrong token type.
403 permission denied due to team/role policy.
404 resource id not present in current environment.
409 conflicting state (invite already used, owner removal, etc).
429 request bucket exceeded.

Retry policy

Retry 429, 503, and websocket 1013 with exponential backoff and jitter.
Do not retry 401 or 403 blindly; fix auth context first.

StartEnd