Troubleshooting

Integrating an Authentication solution can be tough sometimes, especially when dealing with unclear error messages. In this section, we will do our best to describe potential problems that can occur when making the request to issue a new access_token.

Fewlines Connect follows the OAuth 2.0 specification, a standardized process to authenticate Users. This process expects specific parameters, each of which must respect a specific format. If at least one of them is missing or malformed, an error will be returned.

When that happens, the HTTP response will have a status code of 400 (Bad Request) or 401 (Unauthorized), depending on the offending parameter(s). The body of the response also contains an error field holding an error code.

E.g.

HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8

{
  "error":"invalid_request"
}

Below is a list of possible error codes that can be returned, along with additional information about how to resolve them.

Error Codes

  • invalid_client

    When exchanging an authorization_code for an access_token, it’s mandatory to give the needed credentials to authenticate your Application. Having this error means that the given client_id and/or client_secret fields are missing or invalid.

  • invalid_grant

    The given authorization_code or refresh_token is invalid. Be sure that the token isn’t expired or revoked. Also, check that redirect_uri matches the one used to get the authorization_code.

  • invalid_request

    When this error appears, it usually means that one or more parameters are missing, have an unsupported value, or are repeated. Please check the needed parameters and their format.

  • invalid_scope

    The generated access_token gives access to some information depending on which scopes are given in the request. Those scopes should be sent as a list of strings, separated by spaces, and should be a subset of the scopes your Application subscribed to. (e.g. "email address phone")

  • unauthorized_client

    The Application was successfully authenticated with the given credentials; however, it isn’t allowed to use this type of grant. Be sure to use the type of grant your Application was configured for.

  • unsupported_grant_type

    The parameter grant_type contains an invalid value. Be sure that this field is set properly. (e.g. authorization_code, refresh_token)
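
The checks above can be run on the client before the request is sent. The following is an added example, not Fewlines Connect code: a pre-flight validator that reports which error code a form-encoded token request would likely trigger. The function name, the order of the checks, the sample values and the assumption that credentials travel in the request body are all hypothetical; expired or revoked tokens can only be detected by the server.

```python
from collections import Counter
from urllib.parse import parse_qsl

# Required body parameters per grant type (names from RFC 6749).
REQUIRED = {
    "authorization_code": ("code", "redirect_uri"),
    "refresh_token": ("refresh_token",),
}

def preflight(body, allowed_grants, subscribed_scopes, authorized_redirect_uri):
    """Return the error code this token request would likely trigger, or None.

    The order of the checks is an assumption, and credentials are assumed to
    be sent in the form body as client_id / client_secret.
    """
    pairs = parse_qsl(body, keep_blank_values=True)
    params = dict(pairs)
    # A repeated parameter is rejected even if both values are identical.
    if any(n > 1 for n in Counter(name for name, _ in pairs).values()):
        return "invalid_request"
    grant = params.get("grant_type")
    if not grant:
        return "invalid_request"
    if grant not in REQUIRED:
        return "unsupported_grant_type"
    if not params.get("client_id") or not params.get("client_secret"):
        return "invalid_client"
    if grant not in allowed_grants:
        return "unauthorized_client"
    if any(not params.get(name) for name in REQUIRED[grant]):
        return "invalid_request"
    # Must be the exact redirect_uri used to obtain the authorization code.
    if grant == "authorization_code" and params["redirect_uri"] != authorized_redirect_uri:
        return "invalid_grant"
    # Scopes are space-separated; "email,address" is one unknown scope.
    if not set(params.get("scope", "").split()) <= set(subscribed_scopes):
        return "invalid_scope"
    return None

# Constructed sample request body (all values are placeholders).
SAMPLE = ("grant_type=authorization_code&code=abc123"
          "&redirect_uri=https%3A%2F%2Fapp.example%2Fcallback"
          "&client_id=my-client&client_secret=my-secret&scope=email+phone")

if __name__ == "__main__":
    print(preflight(SAMPLE, {"authorization_code"}, {"email", "address", "phone"},
                    "https://app.example/callback"))
```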
