Errors
Failed SDK calls surface as SdkError: a normalized wrapper around PostgREST and Supabase errors, with message, optional code, details, and hint for debugging.
SdkError
All resource methods and setTenant / clearTenant normalize failures into SdkError:
- Name
message- Description
Error message from PostgREST or RPC.
- Name
code- Description
Optional. PostgREST/Supabase error code (e.g.
PGRST301, auth codes).
- Name
details- Description
Optional. Additional detail from the backend.
- Name
hint- Description
Optional. Hint from the backend on how to fix the issue.
Catching SdkError
import { createDbClient, SdkError } from '@workorder-systems/sdk'
const client = createDbClient(url, anonKey)
try {
await client.workOrders.list()
} catch (err) {
if (err instanceof SdkError) {
console.error(err.message, err.code, err.details, err.hint)
}
throw err
}
You can also use normalizeError(error) to turn an unknown thrown value into an SdkError without throwing.
Common codes
Errors come from Supabase/PostgREST and your RPCs. Typical sources:
- PGRST*: PostgREST (e.g. invalid filter, missing column). Check PostgREST errors for code meanings.
- Auth: Supabase Auth (e.g. invalid credentials, session expired). Check Supabase Auth docs for handling.
- RPC: your
rpc_*functions can return custom messages and codes;detailsandhintmay contain server-set text.
Status codes
The SDK does not expose HTTP status codes directly; it throws on error. Under the hood, Supabase uses standard HTTP: 2xx for success, 4xx for client errors (e.g. 401 unauthorized, 403 forbidden, 404 not found), 5xx for server errors. Use SdkError.message and code / details / hint to decide how to handle failures in your app.
Permission denied (42501): When an RPC requires a permission or scope the user does not have, the backend returns an error (often with a message like “Permission denied … tenant.admin required” or “Unauthorized … workorder.edit”). See Authorization (RBAC & ABAC) for how roles, permissions, and scopes work.