OAuth Access Token Error Response and Codes
What is an access token?
- The third party then uses the access token to access the protected resources hosted by the resource server.
- OAuth is a service that is complementary to and distinct from OpenID.
- OAuth is also distinct from OATH, which is a reference architecture for authentication, not a standard for authorization.
- An access token is a type of token that is assigned by the authorization server.
- The authorization server issues the access token if the access token request is valid and authorized.
- If the access token request is invalid or unauthorized, then the authorization server returns an error response.
Error Response:
- The application can handle error responses by sending them to the redirect_uri.
For instance:
- The above URI contains the following parameters −
- error − It specifies the error code if there is an invalid request, invalid client, invalid grant, or unauthorized client.
- error_description − It gives a detailed description of the error.
- The following are the various error codes that can occur when there are errors at the authorization endpoint.
S.No | Error & Description | Error Code |
---|---|---|
1 | invalid_request: This error occurs when there is a missing parameter that includes multiple | 400 |
2 | unauthorized_client: The unauthorized client is not allowed to access the authorization grant type. | 401 |
3 | access_denied: It specifies the user will have no access permission to files or subfolders. | 401 |
4 | unsupported_response_type: It specifies the response type is not supported by the authorization server. | 415 |
5 | server_error: This error code is mainly used when 500 internal server cannot be returned | 500 |
6 | temporarily_unavailable: It specifies that the server is unable to handle the request during overloading | 503 |
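
The following is an added example, not code from the original tutorial: a client-side handler that reads the error and error_description parameters from a redirect URI and treats both as untrusted input, since anyone can craft a link to the client's redirect_uri. The URIs, the client.example host and the function name parse_error_redirect are constructed for illustration, and the retryable classification is an assumption of this example.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Error codes listed in the table above for the authorization endpoint.
KNOWN_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "server_error", "temporarily_unavailable",
}
# Assumption of this example: only server-side conditions are worth retrying.
RETRYABLE = {"server_error", "temporarily_unavailable"}


def parse_error_redirect(uri):
    """Return None if the redirect carries no error, else a dict describing it."""
    query = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    if "error" not in query:
        return None
    # A repeated parameter is ambiguous, so reject it instead of picking one.
    for name in ("error", "error_description"):
        if len(query.get(name, [])) > 1:
            raise ValueError(f"duplicate parameter: {name}")
    code = query["error"][0]
    if code not in KNOWN_ERRORS:
        # Never echo an unrecognised code back to the user or into logs.
        code = "unknown_error"
    desc = query.get("error_description", [""])[0]
    # Drop control characters (log injection), cap the length, and
    # HTML-escape so the text is safe to render on an error page.
    desc = "".join(ch for ch in desc if ch.isprintable())[:200]
    return {
        "error": code,
        "description": html.escape(desc),
        "retryable": code in RETRYABLE,
    }


# Constructed sample redirects (not taken from the original page).
DENIED = ("https://client.example/cb?error=access_denied"
          "&error_description=The+user+denied+the+request")
FORGED = ("https://client.example/cb?error=made_up"
          "&error_description=%3Cb%3Eforged%3C%2Fb%3E%0d%0aline")

if __name__ == "__main__":
    for uri in (DENIED, FORGED):
        print(parse_error_redirect(uri))
```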