Remove the hierarchical inheritance relationship between a specified role and its child role. References: NIST SP 800-53 AC-2 (Account Management), OWASP ASVS V1.2 (Access Control Architecture).
Code is the error code (optional) used by programs to identify error types, e.g., "required", "format", "range"
description
string
No
Description is a human-readable error description that should explain which rule was violated, e.g., "Must be a valid email address"
field
string
No
Field is the path to the error field, using dot notation for nested fields, e.g., "user.email" or "addresses[0].city"
value
object
No
Value is the value that caused the error (optional, used in development mode); may not be returned in production to avoid leaking sensitive information
dto.Problem
Field
Type
Required
Example
Constraints
Description
code
integer
No
Code is the business error code used by programs to handle specific error scenarios. Example: 30101001
detail
string
No
Detail is a human-readable explanation specific to this error instance, which may include specific error details, e.g., "Field 'email' is required"
Errors is a list of field-level validation errors (extension field), following Web API standard practices, each error contains the field name and error message
i18n_args
object
No
I18nArgs are internationalization parameters used to dynamically fill translation templates
i18n_key
string
No
I18nKey is the internationalization key used for client-side localization of error messages. Example: "error.user_not_found"
instance
string
No
Instance is the specific URI reference where the problem occurred, usually the request URL, possibly including query parameters. Example: "/api/v1/users?limit=invalid"
request_id
string
No
RequestID is the unique request identifier used for log correlation and issue tracking. Example: "req_550e8400-e29b-41d4-a716-446655440000"
retry_after
integer
No
RetryAfter is used for 429 Too Many Requests responses, indicating how many seconds the client should wait before retrying (RFC 6585)
service
string
No
Service is the service name used in microservice architectures to locate the error source. Example: "auth-service"
span_id
string
No
SpanID is the current span identifier used to precisely locate the current node in a distributed trace
status
integer
No
Status is the HTTP status code generated, used by clients to distinguish problem types, does not change with Accept-Language. Example: 400, 401, 403, 404, 500
timestamp
string
No
Timestamp is the time the error occurred, in ISO 8601 format. Example: "2026-04-03T12:00:00Z"
title
string
No
Title is a short, human-readable summary of the problem type; the same Type should always have the same Title (does not vary by instance). Example: "Invalid Request Parameters"
trace_id
string
No
TraceID is the distributed tracing identifier, following the W3C Trace Context standard. Example: "00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01"
type
string
No
Type is a URI reference that identifies the problem type; when dereferenced, it should provide human-readable documentation. Example: "https://api.example.com/errors/invalid-request"