At times, you may encounter errors while making API calls. This article is meant to explain and troubleshoot the most common errors or issues that folks run into. For an exhaustive listing of errors please refer to our API documentation. If you end up needing to send in a support ticket, please follow the guidelines listed in the last section to have the most efficient customer service experience.
2xx codes signify success, 4xx mostly represent user error, 5xx generally correspond to a server error. The error messages will return a JSON-encoded body that contains error and message fields. Those will provide specific error conditions and human-readable messages to identify what caused the error.
Understanding Airtable error identifiers
Airtable uses different types of error identifiers depending on where and how an error occurs. Understanding these formats can help troubleshoot issues more effectively.
Error code formats
HTTP status codes - Three-digit numeric codes (e.g., 400, 401, 403, 404, 422, 500) returned by the API to indicate the type of error. These are documented in the sections above.
Error type strings - Text-based error identifiers (e.g., INVALID_PERMISSIONS, TOO_MANY_REQUESTS, NOT_FOUND) that appear in the JSON response body alongside HTTP status codes. These provide specific context about what caused the error.
Formula errors - Text-based error messages (e.g., #ERROR, NaN, circular reference, infinity) that appear in formula fields when there's an issue with the formula syntax or calculation. Learn more in the Troubleshooting Common Airtable Formula Errors article.
Internal error identifiers - Alphanumeric strings (e.g., 16-character mixed-case codes) that may appear in error messages or logs. These are internal tracking identifiers used by Airtable's systems and aren't publicly documented.
What to do with unfamiliar error codes - If you encounter an error identifier that doesn't match the documented formats above:
Note where the error appeared (API response, browser console, email notification, in-product message)
Check if it might be a record ID, base ID, or other Airtable identifier rather than an error code
Review the context around when the error occurred and what action was being performed
Follow the support interaction guidance below to report the issue with full context
Airtable identifiers like base IDs, table IDs, and record IDs follow specific formats (e.g., base IDs start with "app", table IDs start with "tbl", record IDs start with "rec"). If an unfamiliar code doesn't match documented error formats, it may be one of these identifiers rather than an error code.
Success code
200 OK - Request completed successfully.
User error codes
These errors generally indicate a problem on the client side. If you are getting one of these, check your code and the request details.
400 Bad Request - The request encoding is invalid; the request can't be parsed as a valid JSON.
401 Unauthorized - Accessing a protected resource without authorization or with invalid credentials.
401 error: authentication_required
Error meaning - The access token was not present in the request, or it was passed incorrectly.
Troubleshooting steps - Find your access token and add it to your request. To include an access token in the request use the Authorization header. When using the Authorization header method, make sure to use Bearer authentication (rather than basic).
401 error: unauthorized, invalid authentication token
Error meaning - The access token that was provided is invalid.
Troubleshooting steps - Check that the access token you are using is the same as the access token you’ve already set up.
403 Forbidden - Accessing a protected resource with API credentials that don't have access to that resource. See below for examples and suggested debugging steps.
403 error: invalid_permissions
Error meaning - The access token was passed correctly in the request, but you do not have permission to perform the action in the API request.
Troubleshooting steps - Reach out to a base/workspace owner or creator to have your permission level increased.
403 error: invalid_permissions (field or table operation limits)
Error meaning - There are table or field-level permissions that are prohibiting the operation; this means that the field or table has been configured to limit who can perform this operation.
Troubleshooting steps - Check the fields and table being referenced in your API request. There are likely conflicting field and table editing permissions. Try performing the same operation as the API request, but within the Airtable UI - this should help to identify the specific field(s) that you are unable to edit by process of elimination.
This error can also occur when creating or updating a record and writing a new value to a linked record field. If we are unable to find a matching record in the linked (foreign) table, then we will attempt to create a record in that foreign table and set the primary field to the value given in the API request. That request to create the foreign record will fail if the foreign table is a synced table since it's not possible to create records in a synced table. It will also fail if the foreign table has a formula field as the primary field since it's not possible to write directly to a formula field.
404 Not Found - Route or resource is not found. This error is returned when the request hits an undefined route, or if the resource doesn't exist (e.g. has been deleted).
406 error: blocked
Error meaning - The request was blocked for security reasons.
Troubleshooting steps - If you receive HTTP 406 errors from airtable.com or api.airtable.com and believe these are in error, follow the guidance listed here.
413 Request Entity Too Large - The request exceeded the maximum allowed payload size. You shouldn't encounter this under normal use.
422 Invalid Request - The request data is invalid. This includes most of the base-specific validations. You will receive a detailed error message and code pointing to the exact issue.
422 error: invalid_request_body (unable to parse request body)
Error meaning - Something is wrong with the request body.
Troubleshooting steps - First, check that the request body is valid JSON, and matches the example request body for the desired operation in our API documentation. Also ensure that the Content-Type: application/json header is included if you are making a
POST,PUT, orPATCHrequest.
422 error: invalid_multiple_choice_options
Error meaning - A select field option that does not yet exist in the field was present in the API request body.
Troubleshooting steps - When creating or updating records, if the choice string does not exactly match an existing option, the request will fail with an
INVALID_MULTIPLE_CHOICE_OPTIONSerror unless the typecast parameter is enabled. If typecast is enabled, a new choice will be created if one does not exactly match. To see an example of how to include the typecast parameter in your request body, visit the API documentation under "Create records".
422 error: FAILED_STATE_CHECK
Error meaning - values and/or parameters in the endpoint path have been mismatched
Troubleshooting steps - Review the URL path and parameters to verify that the values indicated match and/or exist. This includes base Ids (aka application Ids), Table Ids, View ids, record Ids, etc.
Example: Let’s say you have a base that includes Table A and Table B. Further, Table A includes View 1 whereas Table B includes View 2. If you make a request to the List records endpoint with Table A but use View 2 as a parameter, the request will error because View 2 does not belong to Table A.
The 422 error may also occur when adding single-select or multiple-select field values using "typecast" without creator permissions on a base.
429 error: TOO_MANY_REQUESTS
Error meaning - The rate limit of 5 requests per base per second was exceeded. You will need to wait 30 seconds before subsequent requests succeed.
Troubleshooting steps:
Rate limit - Add timeouts to the code to ensure that it stays under the rate limit.
Call limit - Wait until the first day of the next month for call limits to reset.
429 error: PUBLIC_API_BILLING_LIMIT_EXCEEDED
Error meaning - This error can appear if you've exceeded your plan's API call limit on the Free plan (1000 API calls per month) or Team plan (100000 API calls per month). Business and Enterprise plans have unlimited calls, so if you see a 429 error on these plans, it's often due to rate limiting rather than a monthly call limit.
Troubleshooting steps:
Confirm that the base being called resides in your highest paid workspace.
If it doesn’t, then move that base to the workspace with the highest API call limit possible.
If you need a higher call limit, then consider upgrading to a different plan.
Server error codes
These errors generally represent an error on our side. In the event of a 5xx error code, detailed information about the error will be automatically recorded, and Airtable's developers will be notified. You can check our Status Page to see if there may be a reported incident at the time you received this error. If you receive any 500 error when there is no reported incident or downtime, please follow the guidance listed here.
500 Internal Server Error - The server encountered an unexpected condition.
502 Bad Gateway - Airtable's servers are restarting or an unexpected outage is in progress. You should generally not receive this error, and requests are safe to retry.
503 Service Unavailable - The server could not process your request in time. The server could be temporarily unavailable, or it could have timed out processing your request. You should retry the request with backoffs.
Example error responses
403 - You don't have the right permission for the resource, or the resource was not found
Check that both you and the token have access to the resource. For example, to access a base using a personal access token, your user must be a collaborator and the token must also have access to the base. See this guide for more details.
403 Forbidden
{
"error": {
"type": "INVALID_PERMISSIONS_OR_MODEL_NOT_FOUND",
"message": "Invalid permissions, or the requested model was not found. Check that both your user and your token have the required permissions, and that the model names and/or ids are correct."
}
}You don't have permission to create records in the given table. This is returned both when creating records directly, and when creating linked records while updating cell values. Check whether the table or any fields you are setting values for have editing permissions limited.
403 Forbidden
{
"error": {
"type": "INVALID_PERMISSIONS",
"message": "You are not permitted to create records in table TABLE_NAME (TABLE_ID)"
}
}403 Forbidden
{
"error": {
"type": "INVALID_PERMISSIONS",
"message": "You are not permitted to write cell values in field FIELD_NAME (FIELD_ID)"
}
}You don't have the right permission for the action.
403 Forbidden
{
"error": {
"type": "INVALID_PERMISSIONS",
"message": "You are not permitted to perform this operation"
}
}404 - The path is not valid
404 Not Found
{
"error": "NOT_FOUND"
}404 Not Found
{
"error": {
"type": "NOT_FOUND"
}
}422 - The path is correct, however, the body is either not understood or not permitted
422 Unprocessable Entity
{
"error": {
"type": "INVALID_REQUEST_UNKNOWN",
"message": "Invalid request: parameter validation failed. Check your request data."
}
}503 - The server is temporarily unavailable and the request should be retried
The Retry-After header may be provided.
503 Service Unavailable
{
"error": {
"type": "RETRIABLE_ERROR",
"message": "Server encountered an error while processing your request, and it is safe to retry the request"
}
}Troubleshooting API issues
These are the most common issues that customers run into at the moment.
I’m having trouble using the "filterByFormula" parameter - When using the
filterByFormulaparameter, the formula provided in the request will be evaluated for each record. If the result is not0,false,"",NaN,[], or#Error!, then the record will be included in the response. This parameter requires a valid Airtable Formula. The most effective way to troubleshoot formula issues is to add the formula to your table in a new formula field. That way, you can see what each record in your table returns for that formula and ensure that the results are what you are expecting. For more information, please consult this article.I can't upload my attachments with the API. The API request is successful, but in the record revision history I can see that the attachment was deleted right after it was uploaded - When uploading attachments via the API, you must provide a URL where the file is publicly accessible (e.g. not password-protected, network-protected, or expired). Check that the URL you are providing links directly to your file and that there are no access restrictions in place.
Support interaction guidance
If the troubleshooting steps outlined above have not helped to resolve your issue, then:
Please include the following information when you submit your help request:
The full API request (Please omit your secret access token)
Any error messages you are receiving
Relevant and specific context around the particular issue you are encountering
Contact Airtable Support by clicking
on the lower right corner.
FAQs
What happens when I use the API or a third-party integration to write new select option values?
When sending new option values via the Airtable REST API, you must include the typecast parameter set to true in your request body. Without it, the API will return an error if the value doesn't match an existing option.
If you're using a third-party integration (Zapier, Make/Integromat), look for an equivalent setting in that tool's Airtable action. In Make (formerly Integromat), this option is called "Smart links". The naming varies by platform, so confirm your integration tool's documentation for its equivalent of typecast.
I'm getting a 403 error connecting Airtable to a third-party tool (Make.com, n8n), but I can't see why. How do I find the real cause?
I'm getting a 403 error connecting Airtable to a third-party tool (e.g. Make, n8n), but I can't see why. How do I find the real cause?
Some integration platforms hide the descriptive error message Airtable returns in its 403 response, so the connector only shows a generic "403" or "Forbidden" without the underlying reason. To see Airtable's actual message, reproduce the same call directly with curl or an API client like Postman:
curl --location 'https://api.airtable.com/v0/{baseId}/{tableId}' \
--header 'Authorization: Bearer {personalAccessToken}'
Substitute your own baseId, tableId, and personal access token. If a 403 is returned, check the error.message field in the response body — it will usually point to the specific cause, often a field- or table-level permission restricting access for your user. For the full list of 403 variants and their meanings, see Airtable API: Common troubleshooting.
My personal access token has the right scopes and base access, so why am I still getting a 403?
A token needs both the correct scopes and access to the resource, but a 403 can still occur even when those look right if there are field- or table-level editing permissions limiting your user, or if a linked-record write would require creating a record in a synced table or a formula primary field. Running the request directly (see above) and reading error.message is the quickest way to confirm which restriction applies. You can also try the same action in the Airtable UI to isolate the blocked field by process of elimination.
My List records calls return “404 NOT_FOUND,” but the metadata/schema API works and the web UI is fine. What's wrong?
The most common cause is a malformed URL, specifically, adding a trailing /records to the path. The List records endpoint is:
GET https://api.airtable.com/v0/{baseId}/{tableIdOrName}
The table itself is the records collection, so there is no /records segment. A request to /v0/{baseId}/{tableIdOrName}/records is an undefined route and returns 404 NOT_FOUND. Use the base ID or table ID/name directly:
GET https://api.airtable.com/v0/{baseId}/{tableIdOrName}?maxRecords=1
GET https://api.airtable.com/v0/{baseId}/{tableIdOrName}?filterByFormula={Field}='Updated'
A useful tell: if the metadata endpoint (/v0/meta/bases/{baseId}/tables) returns 200 but records calls 404 with valid scopes and base access, the problem is almost always the request URL's structure, not your token or account. The two endpoints have different path shapes, so it's easy to get metadata right while the records path is off.
How do I resolve the “406: Blocked” error I’m receiving from the API?
A 406 "Blocked" is a security block, not a rate-limit or permissions error. It means a request to airtable.com or api.airtable.com was stopped by Airtable's security layer before reaching your data — so rotating your token or checking your monthly quota usually won't help (those surface as 403 or 429 instead). Common causes and fixes:
Confirm you're calling the API endpoint, not a webpage. Requests must go to https://api.airtable.com/v0/{baseId}/{tableIdOrName}. If a workflow step is pointed at a website or support URL, you'll get a blocked HTML page rather than a JSON response.
Check your request headers. Send a proper Authorization: Bearer <token> header, an appropriate content-type: application/json for writes, and avoid missing or unusual Accept/User-Agent headers — automation tools sometimes send headers that a security layer flags.
Test from another environment. Run the same request from Postman or a local machine. If it works elsewhere but fails from your server, the block is tied to the hosting environment/IP, not the request.
Consider the source IP. Self-hosted automation servers (e.g., self-hosted n8n) often run on cloud/VPN IP ranges that can be flagged. If you believe a 406 is in error, gather the details below and contact support so the IP/account can be reviewed.
Why does my Personal Access Token return a 401 / AUTHENTICATION_REQUIRED error even though scopes, base access, and Bearer format are correct?
The most common cause is that you're sending only the Token ID (the short string before the period, e.g. patXXXXXXXXXXXXXX) instead of the full token. A complete PAT looks like patXXXXXXXXXXXXXX.xxxxxxxxxxxxxxxxxxxxxxxxxxxx — an ID, a period, then a long secret. The API needs the entire string, including everything after the period; sending just the ID returns a 401 with AUTHENTICATION_REQUIRED. The Token ID stays visible on your tokens page, but the secret portion is shown only once, at creation. If you didn't copy the full value then, you can't retrieve it — regenerate the token (or create a new one) and copy the complete string.
When copying a new token, make sure you capture the whole value. If the Copy button or your selection doesn't grab the entire string, select it manually end-to-end, and verify it contains a period with a long secret after it. Store it securely (an environment variable), and never paste the secret into support tickets or share it — redact everything after the period.
My API call returns [404] INVALID_API_VERSION. What does it mean and how do I fix it?
INVALID_API_VERSION means the request didn't match a valid Airtable API route/version — the URL is being interpreted as an unsupported version or path, so it's rejected before it reaches the endpoint. It's almost always how the request is constructed, not your plan or token. Check:
Use the real API host, not the documentation URL. Calls go to https://api.airtable.com/.... Pages under airtable.com/developers/web/api/... are reference docs, not callable endpoints — calling them produces this error.
Use the /v0/ version path. The current API uses v0. A /v1/ or /v2/ (or omitting the version where it's required) triggers INVALID_API_VERSION.
Match the exact endpoint path and method. Confirm the full path and HTTP method from the endpoint's API reference. For example, Move Base is POST https://api.airtable.com/v0/meta/workspaces/{workspaceId}/moveBase, with {workspaceId} being the destination workspace.
Send correct headers and body. Include Authorization: Bearer YOUR_FULL_TOKEN and, for write endpoints, Content-Type: application/json with a valid JSON body (Move Base expects the baseId of the base to move).
Watch for tools/proxies rewriting the request. A middleware tool or proxy that alters the host, path, or method can cause this; reproduce the call in curl to confirm the exact URL being sent.
Why does my PATCH return “200” after trying to add an file via the API?
A 200 means the record update was accepted, but attaching by URL is a two-step process: Airtable then tries to fetch the file from that URL server-side. If it can't download the file, the attachment silently fails to appear — you'll often see in the record's revision history that an attachment was added and then removed right away. This almost always means the URL isn't a public, direct file URL. The URL must:
return the file itself on a plain unauthenticated GET (not an HTML preview/viewer page),
require no login, cookies, signed session, or headers, and
not rely on redirects that lead to an access check.
Test with curl -IL <url> (or a GET) and confirm the response is the raw file (e.g., Content-Type: application/pdf), not HTML or a chain of redirects.