LLM API Error Codes Explained: 401, 402, 429, 500 & Fixes
LLM APIs return standard HTTP error codes, and each points to a specific cause and fix. Knowing them turns a cryptic failure into a two-minute resolution: 401 is auth, 402 is billing, 429 is rate limits, 5xx is the provider. This guide is a reference for every common code you'll see — what triggers it, how to fix it, how to handle them in code, and how failover hides the ones that aren't your fault.
The error-code reference
Every common code, its cause, and the fix:
| Code | Meaning | Cause | Fix |
|---|---|---|---|
| 400 | Bad Request | Malformed JSON, wrong model id, bad param | Correct the request |
| 401 | Unauthorized | Missing/wrong/revoked/wrong-region key | Fix the API key |
| 402 | Payment Required | No credit, expired card, quota exhausted | Add funds / fix billing |
| 403 | Forbidden | No access to that model/feature/region | Request access / switch model |
| 404 | Not Found | Wrong endpoint or model id | Check URL & model id |
| 422 | Unprocessable | Valid shape, invalid value (out of range) | Fix the parameter value |
| 429 | Too Many Requests | Rate limit (RPM/TPM/concurrency) | Backoff + retry / failover |
| 500 | Server Error | Provider-side fault | Retry / failover |
| 503 | Unavailable | Provider overloaded/down | Retry / failover |
Client errors (your side — fix, don't retry)
- 401 Unauthorized — the #1 first-call error. The key is missing, wrong, rotated, or doesn't match the endpoint's region. Re-check how the key is loaded and which base URL you're calling.
- 402 Payment Required — a billing block, not a bug. Add credits, fix the card, or check a spend cap. Your request was valid; it just couldn't be paid for.
- 400 / 422 — a malformed (400) or semantically invalid (422) request: wrong model id, bad JSON, an out-of-range parameter. Retrying won't help; correct the request.
- 403 / 404 — no access to that model/feature (403) or a wrong endpoint/model id (404). Request access or fix the identifier.
These all share one rule: don't retry — retrying an unfixed client error just fails again.
Server errors (provider side — retry, then failover)
- 429 Too Many Requests — a rate limit. Back off and retry with jitter, or fail over. See the rate-limit guide.
- 500 / 503 — the provider is faulting or overloaded. Not your fault and usually transient; retry with backoff, and fail over to an equivalent model if it persists.
Handling them in code
Branch by code — retry the transient ones, fail fast on the rest:
from openai import OpenAI, RateLimitError, APIStatusError
import time, random
client = OpenAI(base_url="https://www.datallmlab.com/v1", api_key="$DATALLMLAB_API_KEY")
def call(messages, model="openai/gpt-5.4", tries=5):
for i in range(tries):
try:
return client.chat.completions.create(model=model, messages=messages)
except RateLimitError: # 429 — transient, back off
time.sleep((2 ** i) + random.random())
except APIStatusError as e:
if e.status_code in (500, 503): # provider fault — retry
time.sleep((2 ** i) + random.random())
else: # 400/401/402/403/404/422 — fix, don't retry
raise
raise RuntimeError("exhausted retries")
Failover hides the transient ones
The not-your-fault errors — 429, 500, 503 — are exactly the ones a gateway can absorb. On any of them it retries the request on an equivalent model from another provider, so the user never sees the error. Client errors (400/401/402/422) still need your fix, but the transient majority of production incidents become invisible reroutes. That's the difference between an LLM feature that flakes during provider hiccups and one that just keeps working.
Turn 429s and 5xx into invisible reroutes
DataLLM Lab fails over across 300+ models on rate limits and outages — transient provider errors reroute to an equivalent model automatically.
FAQ
What does a 402 error mean?
Payment Required — a billing problem (no credit, expired card, exhausted quota). Fix on the account side: add funds, update payment, or check a spend cap. Not a code bug.
What does a 429 error mean?
Too Many Requests — a rate limit (RPM/TPM/concurrency). Fix with backoff + retry, smoothing, or failover. Transient, not permanent.
What does a 401 error mean?
Unauthorized — a missing/wrong/revoked/wrong-region key. Check how the key is loaded and that it matches the endpoint. The most common first-call error.
What does a 500 error mean?
Internal Server Error (and 503) are the provider's fault — transient outages. Retry with backoff; fail over to another provider if it persists.
400 vs 422?
400 is malformed (bad JSON, wrong model id); 422 is well-formed but semantically invalid (out-of-range value). Both are client errors — fix the request.
How should I handle errors in code?
Retry transient ones (429, 500, 503) with backoff; fail fast on client errors (400/401/402/404/422); log with the request id. A gateway can centralize retries and failover.
Can a gateway hide errors?
The transient ones, yes — 429 and 5xx reroute to an equivalent model automatically. Client errors (400/401/402/422) still need your fix.
Should I retry a 402?
No — 402 is a billing block, so retrying fails again until you add funds or fix the payment method. Resolve it on the account side.
DataLLM Lab