Errors
This is completely vanilla as per the OAuth 2.0 standard specification. This overview is provided for informational purposes and to highlight the difference between the Sell API standard error response format and the OAuth authorization error response format.
Header
An error response will specify the `Content-Language` of the response and have the `Content-Type` parameter set to `application/json; charset=utf-8`. In addition, the Authorization Server includes the `Cache-Control: no-store` and `Pragma: no-cache` headers in order to prevent any intermediate cache servers from storing responses with any sensitive information.
Body
The basic structure of an error response is a JSON object that holds error information at the highest object level. Error fields are described in the table below.
Name | Description |
---|---|
error | The error code. One of the Error Codes listed below. |
error_description | An optional human-readable error description in the language specified by the Content-Language header. |
error_uri | An optional link to resources that can be helpful for problem solving. |
Example
```http
Content-Type: application/json; charset=utf-8
Content-Language: en
Cache-Control: no-store
Pragma: no-cache
Vary: Content-Language

{
  "error": "access_denied",
  "error_description": "Access denied.",
  "error_uri": "https://developers.getbase.com/docs/rest/articles/oauth2/errors"
}
```
HTTP status codes summary
OAuth authorization requests can produce responses with the following HTTP status codes.
HTTP Status Code | HTTP Status Message | Meaning |
---|---|---|
200 | OK | Everything worked as expected. The response includes a non-empty body. |
400 | Bad Request | Returned with every error except for those specified below. |
401 | Unauthorized | Returned only for the invalid_client or invalid_token errors. |
403 | Forbidden | Returned only for the insufficient_scope error. |
Error Codes
Below you will find a summary of error codes and corresponding HTTP status codes for every OAuth flow Sell supports.
Requesting an Authorization via `/oauth2/authorize`
Error Code | HTTP Status Code | Meaning |
---|---|---|
invalid_request | 400 | The request is malformed, a required parameter is missing or a parameter has an invalid value. |
unauthorized_client | 400 | The client is not authorized. |
access_denied | 400 | The resource owner denied the request for authorization. |
unsupported_response_type | 400 | Unsupported response type. |
invalid_scope | 400 | The scope is malformed or invalid. |
server_error | 400 | Unexpected error. |
temporarily_unavailable | 400 | The authorization server is not able to handle the request. |
Requesting an Access Token via `/oauth2/token`
Error Code | HTTP Status Code | Meaning |
---|---|---|
invalid_request | 400 | The request is malformed, a required parameter is missing or a parameter has an invalid value. |
invalid_client | 401 | Client authentication failed. |
invalid_grant | 400 | Invalid authorization grant, grant invalid, grant expired, or grant revoked. |
unauthorized_client | 400 | Client is not authorized to use the grant. |
unsupported_grant_type | 400 | Authorization grant is not supported by the Authorization Server. |
invalid_scope | 400 | The scope is malformed or invalid. |
Revoking a Token via `/oauth2/token/revoke`
Error Code | HTTP Status Code | Meaning |
---|---|---|
invalid_request | 400 | The request is malformed, a required parameter is missing or a parameter has an invalid value. |
invalid_client | 401 | Client authentication failed. |
invalid_grant | 400 | Invalid authorization grant, grant invalid, grant expired, or grant revoked. |
unauthorized_client | 400 | Client is not authorized to use the grant. |
unsupported_grant_type | 400 | Authorization grant is not supported by the Authorization Server. |
invalid_scope | 400 | The scope is malformed or invalid. |
unsupported_token_type | 400 | The Authorization Server does not support revocation of the presented token type. |