diff --git a/lib/actions/user-actions.js b/lib/actions/user-actions.js
--- a/lib/actions/user-actions.js
+++ b/lib/actions/user-actions.js
@@ -768,7 +768,7 @@
           if (
             !registerReservedPasswordUser ||
             getMessageForException(e) !==
-              'need keyserver message to claim username'
+              'need_keyserver_message_to_claim_username'
           ) {
             throw e;
           }
diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs
--- a/services/identity/src/client_service.rs
+++ b/services/identity/src/client_service.rs
@@ -113,7 +113,9 @@
     if !is_valid_username(&message.username)
       || is_valid_ethereum_address(&message.username)
     {
-      return Err(tonic::Status::invalid_argument("invalid username"));
+      return Err(tonic::Status::invalid_argument(
+        tonic_status_messages::INVALID_USERNAME,
+      ));
     }
 
     self.check_username_taken(&message.username).await?;
@@ -188,7 +190,9 @@
       .await
       .map_err(handle_db_error)?;
     if !username_in_reserved_usernames_table {
-      return Err(tonic::Status::permission_denied("username not reserved"));
+      return Err(tonic::Status::permission_denied(
+        tonic_status_messages::USERNAME_NOT_RESERVED,
+      ));
     }
 
     let user_id = validate_account_ownership_message_and_get_user_id(
@@ -321,7 +325,7 @@
 
         if username_in_reserved_usernames_table {
           return Err(tonic::Status::permission_denied(
-            "need keyserver message to claim username",
+            tonic_status_messages::NEED_KEYSERVER_MESSAGE_TO_CLAIM_USERNAME,
           ));
         }
 
@@ -453,7 +457,7 @@
     // WalletAuthRequest is used for both log_in_wallet_user and register_wallet_user
     if !message.initial_device_list.is_empty() {
       return Err(tonic::Status::invalid_argument(
-        "unexpected initial device list",
+        tonic_status_messages::UNEXPECTED_INITIAL_DEVICE_LIST,
       ));
     }
 
@@ -489,7 +493,7 @@
 
       if username_in_reserved_usernames_table {
         return Err(tonic::Status::permission_denied(
-          "need keyserver message to claim username",
+          tonic_status_messages::NEED_KEYSERVER_MESSAGE_TO_CLAIM_USERNAME,
         ));
       }
 
@@ -758,12 +762,14 @@
       .map_err(handle_db_error)?
     else {
       warn!("User {} does not have valid device list. Secondary device auth impossible.", user_id);
-      return Err(tonic::Status::aborted("device list error"));
+      return Err(tonic::Status::aborted(
+        tonic_status_messages::DEVICE_LIST_ERROR,
+      ));
     };
 
     if !device_list.device_ids.contains(&device_id) {
       return Err(tonic::Status::permission_denied(
-        "device not in device list",
+        tonic_status_messages::DEVICE_NOT_IN_DEVICE_LIST,
       ));
     }
 
@@ -830,12 +836,12 @@
       .map_err(handle_db_error)?
       .ok_or_else(|| {
         warn!("User {} does not have a valid device list.", user_id);
-        tonic::Status::aborted("device list error")
+        tonic::Status::aborted(tonic_status_messages::DEVICE_LIST_ERROR)
       })?;
 
     if !device_list.device_ids.contains(&device_id) {
       return Err(tonic::Status::permission_denied(
-        "device not in device list",
+        tonic_status_messages::DEVICE_NOT_IN_DEVICE_LIST,
       ));
     }
 
@@ -977,7 +983,9 @@
     use find_user_id_request::Identifier;
     let (user_ident, auth_type) = match message.identifier {
       None => {
-        return Err(tonic::Status::invalid_argument("no identifier provided"))
+        return Err(tonic::Status::invalid_argument(
+          tonic_status_messages::NO_IDENTIFIER_PROVIDED,
+        ))
       }
       Some(Identifier::Username(username)) => (username, AuthType::Password),
       Some(Identifier::WalletAddress(address)) => (address, AuthType::Wallet),
diff --git a/services/identity/src/constants.rs b/services/identity/src/constants.rs
--- a/services/identity/src/constants.rs
+++ b/services/identity/src/constants.rs
@@ -240,6 +240,15 @@
   pub const BAD_CREDENTIALS: &str = "bad_credentials";
   pub const SESSION_NOT_FOUND: &str = "session_not_found";
   pub const INVALID_TIMESTAMP: &str = "invalid_timestamp";
+  pub const INVALID_USERNAME: &str = "invalid_username";
+  pub const USERNAME_NOT_RESERVED: &str = "username_not_reserved";
+  pub const NEED_KEYSERVER_MESSAGE_TO_CLAIM_USERNAME: &str =
+    "need_keyserver_message_to_claim_username";
+  pub const UNEXPECTED_INITIAL_DEVICE_LIST: &str =
+    "unexpected_initial_device_list";
+  pub const DEVICE_LIST_ERROR: &str = "device_list_error";
+  pub const DEVICE_NOT_IN_DEVICE_LIST: &str = "device_not_in_device_list";
+  pub const NO_IDENTIFIER_PROVIDED: &str = "no_identifier_provided";
 }
 
 // Tunnelbroker