Getting precise login error and displaying it in Sign In Widget

Tenant is OIE. We have a policy that will deny a user if a certain attribute is found on the user profile. We are able to capture the fact that an error occurred and can update the Sign-in widget with a custom message. The problem that we have is that we are trying to capture the precise error by code so that we can let the use know the best next step. For instance, there is an Error 0000057 in particular we would like to handle in a special way,

Any insights or pointers to resolve, research, etc will be greatly appreciated.