OAuth 2.0 - Error Response and Codes
When an error occurs during authorization, the authorization server responds with an HTTP 400 or 401 status code. Two cases are possible. In the first case, the client is not identified or recognized. In the second case, the client is identified correctly but something else fails. In such a case, an error response is sent back to the client with the following parameters −
- error_description − An optional human-readable description of the error, in the language specified by the Content-Language header. It is meant for the developer and not the end user.
- error_uri − An optional link to a human-readable web page with information about the error that can help with problem solving.
- error − One of a set of predefined error codes.
The error codes and their equivalent HTTP status codes are described below.
400 Errors
The following table shows 400 errors with description.
Sr.No. | Error | Description |
---|---|---|
1 | unsupported_over_http | OAuth 2.0 only supports calls over HTTPS. |
2 | version_rejected | When an unsupported version of OAuth is supplied. |
3 | parameter_absent | When a required parameter is missing from the request. |
4 | parameter_rejected | When a given parameter is too long. |
5 | invalid_client | When an invalid client ID is given. |
6 | invalid_request | When an invalid request parameter is given. |
7 | unsupported_response_type | When a response type provided does not match that particular request. |
8 | unsupported_grant_type | When a grant type is provided that does not match a particular request. |
9 | invalid_param | When an invalid request parameter is provided. |
10 | unauthorized_client | When the client is not given permission to perform some action. |
11 | access_denied | When the resource owner refuses the request for authorization. |
12 | server_error | Indicates an unexpected error. |
401 Errors
The following table shows 401 errors with description.
Sr.No. | Error | Description |
---|---|---|
1 | token_expired | When the provided token expires. |
2 | invalid_token | When the provided token is invalid. |
3 | invalid_callback | When the URI provided with the request does not match the consumer key. |
4 | invalid_client_secret | When the provided client secret is invalid. |
5 | invalid_grant | When the provided token has either expired or is invalid. |
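
The sketch below is an added example, not code from this tutorial. It shows a client handling the error response defensively: the error code is accepted only if it appears in the table above for the HTTP status received, error_description is made log-safe and kept away from the end user, and error_uri is dropped unless it is an https link. It assumes the response arrives as a JSON body; the function name, the generic user message and the sample responses are constructed for illustration.

```python
import json
import re

# Error codes copied from the page's 400 and 401 tables.
KNOWN_ERRORS = {
    400: {"unsupported_over_http", "version_rejected", "parameter_absent",
          "parameter_rejected", "invalid_client", "invalid_request",
          "unsupported_response_type", "unsupported_grant_type",
          "invalid_param", "unauthorized_client", "access_denied",
          "server_error"},
    401: {"token_expired", "invalid_token", "invalid_callback",
          "invalid_client_secret", "invalid_grant"},
}
# Anything outside printable ASCII (CR/LF included) is replaced before logging.
UNSAFE = re.compile(r"[^\x20-\x7e]")
GENERIC_USER_MESSAGE = "Authorization failed. Please try again."  # constructed


def parse_error_response(status, body):
    """Validate an error response; return (user_message, log_record)."""
    try:
        data = json.loads(body)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        data = {}
    code = data.get("error")
    if not (isinstance(code, str) and code in KNOWN_ERRORS.get(status, ())):
        code = "unrecognized"  # never echo a code the tables do not list
    desc = data.get("error_description")
    desc = UNSAFE.sub("?", desc)[:200] if isinstance(desc, str) else None
    uri = data.get("error_uri")
    if not (isinstance(uri, str) and uri.startswith("https://")
            and not UNSAFE.search(uri)):
        uri = None  # drop non-https or malformed links
    log_record = {"status": status, "error": code,
                  "error_description": desc, "error_uri": uri}
    # error_description is for developers, so it goes to the log only.
    return GENERIC_USER_MESSAGE, log_record


# Constructed sample responses (not captured from a real server).
SAMPLE_OK = '{"error": "invalid_client", "error_description": "Unknown client ID"}'
SAMPLE_HOSTILE = json.dumps({
    "error": "token_expired",  # a 401 code sent with a 400 status
    "error_description": "expired\nINFO login succeeded for admin",
    "error_uri": "http://errors.example/help",
})

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_HOSTILE):
        print(parse_error_response(400, sample))
```

The second sample shows why each check exists: the code does not belong to the 400 table, the description carries a line break that would forge a log entry, and the link is not https.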