OAuth 2.0 Tutorial: Error Response and Codes
What is Error Response and Codes in OAuth 2.0?
- The authorization server returns an error response with an HTTP 400 or 401 status code.
- If an error occurs during authorization, there are two cases:
  - The client is not identified or recognized by the authorization server.
  - The client is identified, but some other error occurs.
- In either case, an error response is sent back to the client with the parameters described below.
- The error parameter is required and takes one of a set of predefined error codes.
- error_description is a human-readable description of the error, given in the language specified by the Content-Language header.
- The error_description parameter may contain only ASCII characters and should be a sentence or two describing the circumstances of the error.
- error_uri is a link to a human-readable web page with information about the error, which can help in troubleshooting.
- Typically the error_uri points to the API documentation describing how to correct the specific error that was encountered.
- Error responses are returned with an HTTP 400 status code together with the error and error_description parameters. The possible values of the error parameter are:
- invalid_request: the request is missing a parameter, so the server cannot proceed with it.
- invalid_client: client authentication failed, for example because the request contains an invalid client ID or secret.
- invalid_grant: the authorization code is invalid or expired. This is also the error returned if the redirect URL given in the authorization grant does not match the URL provided in the access token request.
- invalid_scope: for access token requests that include a scope, this error indicates an invalid scope value in the request.
- unauthorized_client: the client is not authorized to use the requested grant type.
- unsupported_grant_type: the requested grant type is not recognized by the authorization server.
- The entire error response is returned as a JSON string, in the same form as the successful response.
- Given below is an example of an error response.
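The following is an added example, not code from the original tutorial, showing how an authorization server can emit a token-endpoint error response that respects the constraints described above: a predefined error code, an ASCII-only error_description and error_uri, a JSON body, and a 400 status (401 with a WWW-Authenticate challenge for invalid_client when the client authenticated through the Authorization header, as RFC 6749 section 5.2 requires). The function names and the realm value are assumptions of this example.

```python
import json

# Predefined token-endpoint error codes (RFC 6749 section 5.2).
TOKEN_ERROR_CODES = {
    "invalid_request", "invalid_client", "invalid_grant",
    "unauthorized_client", "unsupported_grant_type", "invalid_scope",
}

def _is_allowed_text(text: str, allow_space: bool) -> bool:
    """error_description allows printable ASCII except '"' and '\\';
    error_uri uses the same set without the space character."""
    for ch in text:
        if ch in '"\\' or ord(ch) < 0x20 or ord(ch) > 0x7E:
            return False
        if ch == " " and not allow_space:
            return False
    return bool(text)

def build_error_response(error, description=None, uri=None,
                         client_used_auth_header=False, language="en"):
    """Return (status, headers, body_bytes) for a token-endpoint error.
    Raises ValueError on input the specification does not allow, so a
    bug surfaces in tests rather than as a malformed wire response."""
    if error not in TOKEN_ERROR_CODES:
        raise ValueError(f"unknown error code: {error!r}")
    body = {"error": error}
    if description is not None:
        if not _is_allowed_text(description, allow_space=True):
            raise ValueError("error_description must be printable ASCII")
        body["error_description"] = description
    if uri is not None:
        if not _is_allowed_text(uri, allow_space=False):
            raise ValueError("error_uri must be ASCII without spaces")
        body["error_uri"] = uri
    headers = {
        "Content-Type": "application/json;charset=UTF-8",
        "Content-Language": language,  # language of error_description
        "Cache-Control": "no-store",   # never cache responses that carry
        "Pragma": "no-cache",          # credential-related data
    }
    status = 400
    # A client that authenticated via the Authorization header gets 401
    # plus a challenge when its credentials are rejected.
    if error == "invalid_client" and client_used_auth_header:
        status = 401
        headers["WWW-Authenticate"] = 'Basic realm="token"'  # assumed realm
    return status, headers, json.dumps(body).encode("ascii")

def parse_error_response(body_bytes):
    """Client side: decode the JSON error body back into a dict."""
    return json.loads(body_bytes.decode("ascii"))
```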
- Descriptions of the error codes and their equivalent HTTP status codes are given below in the form of tables:
- The table below describes the 400 errors.

| Sr.No. | Error & Description |
|---|---|
| 1 | OAuth 2.0 only supports calls over HTTPS. |
| 2 | An unsupported version of OAuth is supplied. |
| 3 | A required parameter is missing from the request. |
| 4 | A given parameter is too long. |
| 5 | An invalid client ID is given. |
| 6 | An invalid request parameter is given. |
| 7 | The response type provided does not match that particular request. |
| 8 | The grant type provided does not match that particular request. |
| 9 | An invalid request parameter is provided. |
| 10 | The client does not have permission to perform the requested action. |
| 11 | The resource owner refuses the authorization request. |
| 12 | An unexpected error occurred. |
- The table below describes the 401 errors.

| Sr.No. | Error & Description |
|---|---|
| 1 | The provided token has expired. |
| 2 | The provided token is invalid. |
| 3 | The URI provided with the request does not match the consumer key. |
| 4 | The provided client server is invalid. |
| 5 | The provided token has either expired or is invalid. |