V1/token return 400 with what possibilities

When calling “oauth2/default/v1/token” using email and password and getting StatusCode: 400, I want to handle, when deserializing the token response, whatever errors could be returned during this process.

Do you happen to have a list of what “error”, “error_description” could be returned?

Example: {"error":"access_denied","error_description":"User is not assigned to the client application."}

These error codes are defined in the OAuth spec (though their descriptions will vary based on implementation and the underlying cause):

error
REQUIRED. A single ASCII [USASCII] error code from the following:

     invalid_request
           The request is missing a required parameter, includes an
           invalid parameter value, includes a parameter more than
           once, or is otherwise malformed.

     unauthorized_client
           The client is not authorized to request an authorization
           code using this method.

     access_denied
           The resource owner or authorization server denied the
           request.

     unsupported_response_type
           The authorization server does not support obtaining an
           authorization code using this method.

     invalid_scope
           The requested scope is invalid, unknown, or malformed.

     server_error
           The authorization server encountered an unexpected
           condition that prevented it from fulfilling the request.
           (This error code is needed because a 500 Internal Server
           Error HTTP status code cannot be returned to the client
           via an HTTP redirect.)

     temporarily_unavailable
           The authorization server is currently unable to handle
           the request due to a temporary overloading or maintenance
           of the server.  (This error code is needed because a 503
           Service Unavailable HTTP status code cannot be returned
           to the client via an HTTP redirect.)

     Values for the "error" parameter MUST NOT include characters
     outside the set %x20-21 / %x23-5B / %x5D-7E.

Excellent, Thanks so much!!!

Appreciate ya.


Something interesting here, where can I find the errors in the 400 return code?

These don’t show in your spec location
{"error":"access_denied","error_description":"User is not assigned to the client application."}
{"error":"invalid_grant","error_description":"Resource owner password credentials cannot be used with MFA enabled."}

Hmm… I don’t know any place where these error_descriptions are itemized out, so it’s possible the exact verbiage of these errors can change.

Understood, I’ll account for them when we face them.

Thanks for looking.
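An added example, not code from this thread or from Okta: one way to handle the 400 responses discussed above is to branch only on the `error` code and keep `error_description` as free-text diagnostics, since the replies note its wording can change. The `TokenError` type, the action labels and the `malformed_response` sentinel are hypothetical names chosen for illustration.

```python
import json
import re
from dataclasses import dataclass

# Characters the spec text quoted above allows in "error":
# %x20-21 / %x23-5B / %x5D-7E (printable ASCII except '"' and '\').
_ERROR_CODE_RE = re.compile(r"[\x20-\x21\x23-\x5B\x5D-\x7E]+")

# Hypothetical mapping from error code to what the application does next.
# Only codes that appear in this thread are listed; anything else fails closed.
_ACTIONS = {
    "access_denied": "reject_login",
    "invalid_grant": "reject_login",
    "invalid_request": "fix_request",
    "invalid_scope": "fix_request",
    "unauthorized_client": "fix_request",
    "unsupported_response_type": "fix_request",
    "server_error": "retry_later",
    "temporarily_unavailable": "retry_later",
}


@dataclass(frozen=True)
class TokenError:
    code: str         # stable, machine-readable; safe to branch on
    description: str  # diagnostic text for logs only; wording may change
    action: str       # hypothetical application-level decision


def parse_token_error(status: int, body: str) -> TokenError:
    """Classify a failed token response by its `error` code."""
    fallback = "retry_later" if status >= 500 else "reject_login"
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        data = None  # e.g. an HTML error page from a proxy
    if not isinstance(data, dict):
        return TokenError("malformed_response", "", fallback)
    code = data.get("error")
    if not isinstance(code, str) or not _ERROR_CODE_RE.fullmatch(code):
        return TokenError("malformed_response", "", fallback)
    desc = data.get("error_description")
    desc = desc if isinstance(desc, str) else ""
    # Unknown but well-formed codes are kept for logging and denied by default.
    return TokenError(code, desc, _ACTIONS.get(code, "reject_login"))
```

Log `description` server-side and show the end user a generic message keyed on `action`, so a reworded description never changes application behaviour.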
