OAuth Access Token Error Response and Codes



What is an access token?

  • The third party then uses the access token to access the protected resources hosted by the resource server.
  • OAuth is a service that is complementary to and distinct from OpenID.
  • OAuth is also distinct from OATH, which is a reference architecture for authentication, not a standard for authorization.
  • An access token is a type of token that is assigned by the authorization server.
  • The authorization server issues the access token if the access token request is valid and authorized.
  • If the access token request is invalid or unauthorized, the authorization server returns an error response.

Error Response:

  • Error responses are sent to the application's redirect_uri, where the application can handle them.

For instance:

GET http://www.site.com/?error=access_denied&error_description=the+user+canceled+authentication
  • The above URI contains the following parameters −
    • error − It specifies the error code if there is an invalid request, invalid client, invalid grant, or unauthorized client.
    • error_description − It gives a detailed description of the error.
  • The following are the various error codes that can occur when there are errors at the authorization endpoint.
| S.No | Error | Description | Error Code |
|------|-------|-------------|------------|
| 1 | invalid_request | This error occurs when the request is missing a parameter, includes multiple credentials, or has an unsupported parameter value. | 400 |
| 2 | unauthorized_client | The unauthorized client is not allowed to use the authorization grant type. | 401 |
| 3 | access_denied | It specifies that the user will have no access permission to files or subfolders. | 401 |
| 4 | unsupported_response_type | It specifies that the response type is not supported by the authorization server. | 415 |
| 5 | server_error | This error code is mainly used when a 500 Internal Server Error cannot be returned to the client by using an HTTP redirect. | 500 |
| 6 | temporarily_unavailable | It specifies that the server is unable to handle the request because it is overloaded or undergoing maintenance. | 503 |
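
The error and error_description values arrive in the query string of a redirect, so whoever builds the link controls them, and the receiving application should treat both as untrusted input. The following is an added example, not code from the original tutorial: a parser for the redirect shown above that accepts only the error codes listed in the table and escapes the description before it is displayed. The function name, the 200-character cap, the "unknown_error" label and the client.example URL are assumptions made for this illustration.

```python
from html import escape
from urllib.parse import urlsplit, parse_qs

# Error codes listed in the table on this page.
KNOWN_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "server_error", "temporarily_unavailable",
}
MAX_DESCRIPTION = 200  # assumed display cap, not a value from the page

# The example redirect from this page.
PAGE_URL = ("http://www.site.com/?error=access_denied"
            "&error_description=the+user+canceled+authentication")
# Constructed sample: unlisted code plus markup in the description.
CONSTRUCTED_URL = ("https://client.example/cb?error=made_up"
                   "&error_description=%3Cb%3Ere-enter+password%3C%2Fb%3E")


def parse_error_redirect(url):
    """Return None when the redirect carries no error, else a sanitized dict."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    codes = params.get("error", [])
    if not codes:
        return None
    if len(codes) > 1:
        # Ambiguous input: refuse rather than pick one of the values.
        raise ValueError("duplicate 'error' parameter")
    code = codes[0]
    known = code in KNOWN_ERRORS
    # parse_qs has already decoded '+' and %XX sequences.
    description = params.get("error_description", [""])[0][:MAX_DESCRIPTION]
    return {
        # Never echo an unlisted code back to the user or into log keys.
        "error": code if known else "unknown_error",
        "known": known,
        # HTML-escaped so it can be shown on an error page as plain text.
        "description_html": escape(description),
    }


if __name__ == "__main__":
    print(parse_error_redirect(PAGE_URL))
    print(parse_error_redirect(CONSTRUCTED_URL))
```

The escaped description is safe to place in HTML text content only; application logic should branch on the error code, never on the description.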
