diff --git a/src/accesscontrol.js b/src/accesscontrol.js
index 64999ae78..c7af36bf0 100644
--- a/src/accesscontrol.js
+++ b/src/accesscontrol.js
@@ -99,7 +99,7 @@ function hasScopes(authorizedScopes, requiredScopes) {
         // this allows apps:write if the token has a higher apps scope
         if (authorizedScopes.indexOf(requiredScopes[i]) === -1 && authorizedScopes.indexOf(scopeParts[0]) === -1) {
             debug('scope: missing scope "%s".', requiredScopes[i]);
-            return new Error('Missing required scope "' + requiredScopes[i] + '"');
+            return new BoxError(BoxError.NOT_FOUND, 'Missing required scope "' + requiredScopes[i] + '"');
         }
     }
 
diff --git a/src/boxerror.js b/src/boxerror.js
index 55c051ad0..cb2bce0ba 100644
--- a/src/boxerror.js
+++ b/src/boxerror.js
@@ -53,6 +53,7 @@ BoxError.LOGROTATE_ERROR = 'Logrotate Error';
 BoxError.NETWORK_ERROR = 'Network Error';
 BoxError.NGINX_ERROR = 'Nginx Error';
 BoxError.NOT_FOUND = 'Not found';
+BoxError.NOT_IMPLEMENTED = 'Not implemented';
 BoxError.NOT_SIGNED = 'Not Signed';
 BoxError.OPENSSL_ERROR = 'OpenSSL Error';
 BoxError.PLAN_LIMIT = 'Plan Limit';