diff --git a/internal/dataprovider/bolt.go b/internal/dataprovider/bolt.go
index ac731977..7c0b5758 100644
--- a/internal/dataprovider/bolt.go
+++ b/internal/dataprovider/bolt.go
@@ -1636,12 +1636,12 @@ func (p *BoltProvider) addAPIKey(apiKey *APIKey) error {
 		apiKey.LastUseAt = 0
 		if apiKey.User != "" {
 			if err := p.userExistsInternal(tx, apiKey.User); err != nil {
-				return util.NewValidationError(fmt.Sprintf("related user %q does not exists", apiKey.User))
+				return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User)
 			}
 		}
 		if apiKey.Admin != "" {
 			if err := p.adminExistsInternal(tx, apiKey.Admin); err != nil {
-				return util.NewValidationError(fmt.Sprintf("related admin %q does not exists", apiKey.User))
+				return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin)
 			}
 		}
 		buf, err := json.Marshal(apiKey)
@@ -1681,12 +1681,12 @@ func (p *BoltProvider) updateAPIKey(apiKey *APIKey) error {
 		apiKey.UpdatedAt = util.GetTimeAsMsSinceEpoch(time.Now())
 		if apiKey.User != "" {
 			if err := p.userExistsInternal(tx, apiKey.User); err != nil {
-				return util.NewValidationError(fmt.Sprintf("related user %q does not exists", apiKey.User))
+				return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User)
 			}
 		}
 		if apiKey.Admin != "" {
 			if err := p.adminExistsInternal(tx, apiKey.Admin); err != nil {
-				return util.NewValidationError(fmt.Sprintf("related admin %q does not exists", apiKey.User))
+				return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin)
 			}
 		}
 		buf, err := json.Marshal(apiKey)
@@ -2828,7 +2828,7 @@ func (p *BoltProvider) addIPListEntry(entry *IPListEntry) error {
 		}
 		if e := bucket.Get([]byte(entry.getKey())); e != nil {
 			return util.NewI18nError(
-				fmt.Errorf("entry %q already exists", entry.IPOrNet),
+				fmt.Errorf("%w: entry %q already exists", ErrDuplicatedKey, entry.IPOrNet),
 				util.I18nErrorDuplicatedIPNet,
 			)
 		}
@@ -3313,7 +3313,7 @@ func (p *BoltProvider) addAdminToRole(username, roleName string, bucket *bolt.Bu
 	}
 	r := bucket.Get([]byte(roleName))
 	if r == nil {
-		return util.NewGenericError(fmt.Sprintf("role %q does not exist", roleName))
+		return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, roleName)
 	}
 	var role Role
 	err := json.Unmarshal(r, &role)
@@ -3368,7 +3368,7 @@ func (p *BoltProvider) addUserToRole(username, roleName string, bucket *bolt.Buc
 	}
 	r := bucket.Get([]byte(roleName))
 	if r == nil {
-		return util.NewGenericError(fmt.Sprintf("role %q does not exist", roleName))
+		return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, roleName)
 	}
 	var role Role
 	err := json.Unmarshal(r, &role)
diff --git a/internal/dataprovider/memory.go b/internal/dataprovider/memory.go
index 17986b70..601c3061 100644
--- a/internal/dataprovider/memory.go
+++ b/internal/dataprovider/memory.go
@@ -1314,7 +1314,7 @@ func (p *MemoryProvider) addAdminToRole(username, role string) error {
 	}
 	r, err := p.roleExistsInternal(role)
 	if err != nil {
-		return util.NewGenericError(fmt.Sprintf("role %q does not exist", role))
+		return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, role)
 	}
 	if !util.Contains(r.Admins, username) {
 		r.Admins = append(r.Admins, username)
@@ -1348,7 +1348,7 @@ func (p *MemoryProvider) addUserToRole(username, role string) error {
 	}
 	r, err := p.roleExistsInternal(role)
 	if err != nil {
-		return util.NewGenericError(fmt.Sprintf("role %q does not exist", role))
+		return fmt.Errorf("%w: role %q does not exist", ErrForeignKeyViolated, role)
 	}
 	if !util.Contains(r.Users, username) {
 		r.Users = append(r.Users, username)
@@ -1658,12 +1658,12 @@ func (p *MemoryProvider) addAPIKey(apiKey *APIKey) error {
 	}
 	if apiKey.User != "" {
 		if _, err := p.userExistsInternal(apiKey.User); err != nil {
-			return util.NewValidationError(fmt.Sprintf("related user %q does not exists", apiKey.User))
+			return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User)
 		}
 	}
 	if apiKey.Admin != "" {
 		if _, err := p.adminExistsInternal(apiKey.Admin); err != nil {
-			return util.NewValidationError(fmt.Sprintf("related admin %q does not exists", apiKey.User))
+			return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin)
 		}
 	}
 	apiKey.CreatedAt = util.GetTimeAsMsSinceEpoch(time.Now())
@@ -1692,12 +1692,12 @@ func (p *MemoryProvider) updateAPIKey(apiKey *APIKey) error {
 	}
 	if apiKey.User != "" {
 		if _, err := p.userExistsInternal(apiKey.User); err != nil {
-			return util.NewValidationError(fmt.Sprintf("related user %q does not exists", apiKey.User))
+			return fmt.Errorf("%w: related user %q does not exists", ErrForeignKeyViolated, apiKey.User)
 		}
 	}
 	if apiKey.Admin != "" {
 		if _, err := p.adminExistsInternal(apiKey.Admin); err != nil {
-			return util.NewValidationError(fmt.Sprintf("related admin %q does not exists", apiKey.User))
+			return fmt.Errorf("%w: related admin %q does not exists", ErrForeignKeyViolated, apiKey.Admin)
 		}
 	}
 	apiKey.ID = k.ID
@@ -2673,7 +2673,7 @@ func (p *MemoryProvider) addIPListEntry(entry *IPListEntry) error {
 	_, err := p.ipListEntryExistsInternal(entry)
 	if err == nil {
 		return util.NewI18nError(
-			fmt.Errorf("entry %q already exists", entry.IPOrNet),
+			fmt.Errorf("%w: entry %q already exists", ErrDuplicatedKey, entry.IPOrNet),
 			util.I18nErrorDuplicatedIPNet,
 		)
 	}
diff --git a/internal/dataprovider/mysql.go b/internal/dataprovider/mysql.go
index 342d0de0..dd808bd9 100644
--- a/internal/dataprovider/mysql.go
+++ b/internal/dataprovider/mysql.go
@@ -346,7 +346,7 @@ func (p *MySQLProvider) addUser(user *User) error {
 }
 
 func (p *MySQLProvider) updateUser(user *User) error {
-	return sqlCommonUpdateUser(user, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateUser(user, p.dbHandle), -1)
 }
 
 func (p *MySQLProvider) deleteUser(user User, softDelete bool) error {
@@ -448,7 +448,7 @@ func (p *MySQLProvider) addAdmin(admin *Admin) error {
 }
 
 func (p *MySQLProvider) updateAdmin(admin *Admin) error {
-	return sqlCommonUpdateAdmin(admin, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAdmin(admin, p.dbHandle), -1)
 }
 
 func (p *MySQLProvider) deleteAdmin(admin Admin) error {
@@ -472,11 +472,11 @@ func (p *MySQLProvider) apiKeyExists(keyID string) (APIKey, error) {
 }
 
 func (p *MySQLProvider) addAPIKey(apiKey *APIKey) error {
-	return sqlCommonAddAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonAddAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *MySQLProvider) updateAPIKey(apiKey *APIKey) error {
-	return sqlCommonUpdateAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *MySQLProvider) deleteAPIKey(apiKey APIKey) error {
@@ -500,11 +500,11 @@ func (p *MySQLProvider) shareExists(shareID, username string) (Share, error) {
 }
 
 func (p *MySQLProvider) addShare(share *Share) error {
-	return sqlCommonAddShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonAddShare(share, p.dbHandle), fieldName)
 }
 
 func (p *MySQLProvider) updateShare(share *Share) error {
-	return sqlCommonUpdateShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateShare(share, p.dbHandle), -1)
 }
 
 func (p *MySQLProvider) deleteShare(share Share) error {
diff --git a/internal/dataprovider/pgsql.go b/internal/dataprovider/pgsql.go
index 7e6e5853..fe25081f 100644
--- a/internal/dataprovider/pgsql.go
+++ b/internal/dataprovider/pgsql.go
@@ -359,7 +359,7 @@ func (p *PGSQLProvider) addUser(user *User) error {
 }
 
 func (p *PGSQLProvider) updateUser(user *User) error {
-	return sqlCommonUpdateUser(user, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateUser(user, p.dbHandle), -1)
 }
 
 func (p *PGSQLProvider) deleteUser(user User, softDelete bool) error {
@@ -461,7 +461,7 @@ func (p *PGSQLProvider) addAdmin(admin *Admin) error {
 }
 
 func (p *PGSQLProvider) updateAdmin(admin *Admin) error {
-	return sqlCommonUpdateAdmin(admin, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAdmin(admin, p.dbHandle), -1)
 }
 
 func (p *PGSQLProvider) deleteAdmin(admin Admin) error {
@@ -485,11 +485,11 @@ func (p *PGSQLProvider) apiKeyExists(keyID string) (APIKey, error) {
 }
 
 func (p *PGSQLProvider) addAPIKey(apiKey *APIKey) error {
-	return sqlCommonAddAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonAddAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *PGSQLProvider) updateAPIKey(apiKey *APIKey) error {
-	return sqlCommonUpdateAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *PGSQLProvider) deleteAPIKey(apiKey APIKey) error {
@@ -513,11 +513,11 @@ func (p *PGSQLProvider) shareExists(shareID, username string) (Share, error) {
 }
 
 func (p *PGSQLProvider) addShare(share *Share) error {
-	return sqlCommonAddShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonAddShare(share, p.dbHandle), fieldName)
 }
 
 func (p *PGSQLProvider) updateShare(share *Share) error {
-	return sqlCommonUpdateShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateShare(share, p.dbHandle), -1)
 }
 
 func (p *PGSQLProvider) deleteShare(share Share) error {
diff --git a/internal/dataprovider/sqlite.go b/internal/dataprovider/sqlite.go
index 991dc9f0..5b7ed1d3 100644
--- a/internal/dataprovider/sqlite.go
+++ b/internal/dataprovider/sqlite.go
@@ -267,7 +267,7 @@ func (p *SQLiteProvider) addUser(user *User) error {
 }
 
 func (p *SQLiteProvider) updateUser(user *User) error {
-	return sqlCommonUpdateUser(user, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateUser(user, p.dbHandle), -1)
 }
 
 func (p *SQLiteProvider) deleteUser(user User, softDelete bool) error {
@@ -369,7 +369,7 @@ func (p *SQLiteProvider) addAdmin(admin *Admin) error {
 }
 
 func (p *SQLiteProvider) updateAdmin(admin *Admin) error {
-	return sqlCommonUpdateAdmin(admin, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAdmin(admin, p.dbHandle), -1)
 }
 
 func (p *SQLiteProvider) deleteAdmin(admin Admin) error {
@@ -393,11 +393,11 @@ func (p *SQLiteProvider) apiKeyExists(keyID string) (APIKey, error) {
 }
 
 func (p *SQLiteProvider) addAPIKey(apiKey *APIKey) error {
-	return sqlCommonAddAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonAddAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *SQLiteProvider) updateAPIKey(apiKey *APIKey) error {
-	return sqlCommonUpdateAPIKey(apiKey, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateAPIKey(apiKey, p.dbHandle), -1)
 }
 
 func (p *SQLiteProvider) deleteAPIKey(apiKey APIKey) error {
@@ -421,11 +421,11 @@ func (p *SQLiteProvider) shareExists(shareID, username string) (Share, error) {
 }
 
 func (p *SQLiteProvider) addShare(share *Share) error {
-	return sqlCommonAddShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonAddShare(share, p.dbHandle), fieldName)
 }
 
 func (p *SQLiteProvider) updateShare(share *Share) error {
-	return sqlCommonUpdateShare(share, p.dbHandle)
+	return p.normalizeError(sqlCommonUpdateShare(share, p.dbHandle), -1)
 }
 
 func (p *SQLiteProvider) deleteShare(share Share) error {
diff --git a/internal/httpd/httpd_test.go b/internal/httpd/httpd_test.go
index 8fbde639..1cd59d1b 100644
--- a/internal/httpd/httpd_test.go
+++ b/internal/httpd/httpd_test.go
@@ -707,7 +707,7 @@ func TestRoleRelations(t *testing.T) {
 	admin, _, err := httpdtest.AddAdmin(a, http.StatusCreated)
 	assert.NoError(t, err)
 	admin.Role = "invalid role"
-	_, resp, err = httpdtest.UpdateAdmin(admin, http.StatusInternalServerError)
+	_, resp, err = httpdtest.UpdateAdmin(admin, http.StatusConflict)
 	assert.NoError(t, err, string(resp))
 	admin, _, err = httpdtest.GetAdminByUsername(admin.Username, http.StatusOK)
 	assert.NoError(t, err)
@@ -733,7 +733,7 @@ func TestRoleRelations(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, role.Name, user1.Role)
 	user1.Role = "missing"
-	_, _, err = httpdtest.UpdateUser(user1, http.StatusInternalServerError, "")
+	_, _, err = httpdtest.UpdateUser(user1, http.StatusConflict, "")
 	assert.NoError(t, err)
 	user1, _, err = httpdtest.GetUserByUsername(user1.Username, http.StatusOK)
 	assert.NoError(t, err)