Errors returned in browser
If the redirect URI parameter is missing, or the redirect URI does not match one of the registered redirect URLs for the application, Akoya will not redirect the user back to your application (as this would leave your application vulnerable to an open redirector attack). Instead, Akoya will display an error to the user, similar to the image below.
Example
Example of browser displaying "Bad Request"
| HTTP Code/Error | Error Description | Possible issue |
|---|---|---|
| 200 | No "connector" Will return an incorrect login screen | |
| 400 Bad Request | Unregistered redirect_uri (e.g. "https://wrong/v1/callback")) | The redirect_uri is incorrect or not registered |
| 400 Bad Request | Invalid ConnectorID | The providerId is incorrect |
| 400 Bad Request | Invalid client_id ("client_id"). | The clientId is incorrect |
| 400 Bad Request | Requested resource does not exist | Verify your clientId. If it is correct, please contact Akoya. |
| 404/500 | 404 and 500 server errors do not return custom messaging to the browser. | |
| 501 | 501 errors, subsystem is unavailable or temporarily unavailable |
Error codes returned in URL (invalid parameters)
For other errors, the server will redirect the application to the redirect URI, but will include an error in the query string matching the types below:
Example
Example parameters in URL: error=invalid_scope&error_description=Missing+required+scope(s)+["openid"].&state=
| "error" | "error_description" | Possible issue |
|---|---|---|
| invalid_request | Invalid+response+type | The request is missing a parameter, contains an invalid parameter, includes a parameter more than once, or is otherwise invalid. |
| invalid_scope | Missing+required+scope | The requested scope is invalid or unknown. |
| access_denied | The user or authorization server denied the request. | |
| unauthorized_client | The client is not allowed to request an authorization code using this method, for example, if a confidential client attempts to use the implicit grant type. | |
| unsupported_response_type | The server does not support obtaining an authorization code using this method, for example, if the authorization server never implemented the implicit grant type. | |
| server_error | Instead of displaying a 500 Internal Server error page to the user, the server can redirect with this error code. | |
| temporarily_unavailable | If the server is undergoing maintenance, or is otherwise unavailable, this error code can be returned instead of responding with a 503 Service Unavailable status code. |