Skip to main content
These gRPC status codes come from the Ledger API layer.

AUTH_INVALID_TOKEN

Cause: The bearer token is missing, malformed, expired, or signed with an unrecognized key. Fix:
  • Verify the token has not expired (check the exp claim)
  • Confirm the token audience matches LEDGER_API_AUTH_AUDIENCE
  • Ensure the token includes the daml_ledger_api scope
  • Check that the JWKS URL configured on the validator is reachable and returns the correct signing keys

PACKAGE_NOT_FOUND

Cause: The validator does not have the DAR that contains the referenced package, or the package has not been vetted. Fix: Upload the DAR:
After uploading, confirm the package appears in the package list before retrying the command.

PARTY_NOT_KNOWN

Cause: The party identifier in the command does not match any party allocated on this validator. Fix: Allocate the party first, or verify you are using the correct party identifier. Party IDs are case-sensitive and include a fingerprint suffix (e.g., Alice::1220abcd...). List known parties:

PERMISSION_DENIED

Cause: The authenticated user does not have rights to act as the requested party. Fix: Grant the user read/write access to the party through the Admin API: