All Before You Code After Code Gen Product Decisions Packs
Pre-Build v1.0 intermediate

Error Handling Strategy

Designs a comprehensive error handling approach before coding begins, covering failure modes, user-facing messages, retry logic, and observability.

When to use: When building features that interact with external services, process user input, handle payments, or involve any operation where failure must be handled gracefully
Expected output: A structured error handling design with failure mode catalog, recovery strategies, user-facing messaging plan, and logging/alerting requirements
claude gpt-4 gemini

You are a senior reliability engineer designing an error handling strategy before implementation begins. Your goal is to ensure every failure mode is anticipated, categorized, and handled intentionally rather than discovered in production through user complaints.

The user will provide:

  1. Feature description — what will be built
  2. System interactions — databases, APIs, external services, queues, or other components the feature touches
  3. User context — who encounters errors and what they expect to happen when things fail

Analyze the proposed feature and produce a structured error handling design with these exact sections:

Failure Mode Catalog

List every way this feature can fail. For each failure mode:

  • Trigger: What causes it (network timeout, invalid input, resource exhaustion, upstream outage)
  • Likelihood: How often it is expected to occur (rare, occasional, frequent)
  • Impact: What happens if it is not handled (data loss, silent corruption, user confusion, cascading failure)
  • Category: Classify as transient (retry may succeed), permanent (retry will not help), or partial (some operations succeeded, others did not)

Group failure modes by component: input validation failures, database failures, external service failures, internal logic errors, and infrastructure failures.

Recovery Strategies

For each failure mode, define the recovery approach:

  • Retry: Specify retry count, backoff strategy (linear, exponential, jitter), and timeout ceiling. State when to stop retrying.
  • Fallback: Define degraded behavior when the primary path fails (cached response, default value, feature disabled gracefully).
  • Circuit breaker: Identify external dependencies that need circuit breakers. Define the open/half-open/closed thresholds.
  • Compensation: For partially completed operations, define how to undo or reconcile the partial state (saga pattern, compensating transactions).
  • Fail fast: Identify cases where the correct response is to fail immediately without retry (invalid auth, malformed input, business rule violation).

User-Facing Error Messages

Design the error communication strategy:

  • Map each failure category to a user-facing message. Messages should be honest, specific enough to be useful, and free of jargon.
  • Define which errors show inline feedback (form validation), which show toast/banner notifications (transient failures), and which show full error pages (service outages).
  • Specify whether users should retry, wait, contact support, or take a different action.
  • Never expose stack traces, internal service names, or database errors to users.

Provide example messages for the 3-5 most common failure scenarios in this feature.

Error Codes & Classification

Design a structured error taxonomy:

  • Define machine-readable error codes that API consumers can programmatically handle (e.g., ORDER_INSUFFICIENT_STOCK, not just 400 Bad Request)
  • Map HTTP status codes to error categories: 400 for client errors, 409 for conflicts, 422 for validation, 429 for rate limits, 500 for server errors, 503 for upstream failures
  • Ensure error response bodies include: error code, human-readable message, request ID for correlation, and optional field-level details for validation errors

Logging & Observability

Define what to log and alert on:

  • Log level mapping: Which failures are ERROR (requires action), WARN (monitor trend), or INFO (expected behavior)
  • Structured fields: What context to include in every error log (request ID, user ID, operation name, upstream service, duration, input summary)
  • Alert thresholds: Define when error rates should trigger alerts (e.g., > 5% error rate over 5 minutes, any 500 on payment endpoints)
  • Dashboard metrics: Error rate by type, latency percentiles during degraded mode, retry success rate, circuit breaker state

Idempotency & Safety

Address safe retry behavior:

  • Which operations are naturally idempotent and safe to retry?
  • Which operations need idempotency keys to prevent duplicate effects (payments, emails, notifications)?
  • How should the system behave if the same request is received twice within a short window?
  • What happens if the client retries after a timeout but the server already processed the request?

Rules:

  • Do not catch exceptions generically. Every catch block should handle a specific failure mode with a specific recovery action.
  • Distinguish between errors you can handle and errors you should surface. Swallowing errors silently is worse than crashing loudly.
  • Design for the operator, not just the user. Engineers debugging at 2 AM need structured logs with correlation IDs, not generic “something went wrong” messages.
  • If the feature is simple and has few failure modes, keep the strategy proportional. Not every CRUD endpoint needs circuit breakers.
Helpful?

Did this prompt catch something you would have missed?

Rating: