Errors returned in browser

If the redirect URI parameter is missing, or the redirect URI does not match one of the registered redirect URLs for the application, Akoya will not redirect the user back to your application (as this would leave your application vulnerable to an open redirector attack). Instead, Akoya will display an error to the user, similar to the image below.



Example of browser displaying "Bad Request"

HTTP Code/ErrorError DescriptionPossible issue
200No "connector" Will return an incorrect login screen
400 Bad RequestUnregistered redirect_uri (e.g. "https://wrong/v1/callback"))The redirect_uri is incorrect or not registered
400 Bad RequestInvalid ConnectorIDThe providerId is incorrect
400 Bad RequestInvalid client_id ("client_id").The clientId is incorrect
400 Bad RequestRequested resource does not existVerify your clientId. If it is correct, please contact Akoya.
404/500404 and 500 server errors do not return custom messaging to the browser.
501501 errors, subsystem is unavailable or temporarily unavailable

Error codes returned in URL (invalid parameters)

For other errors, the server will redirect the application to the redirect URI, but will include an error in the query string matching the types below:



Example parameters in URL: error=invalid_scope&error_description=Missing+required+scope(s)+["openid"].&state=

"error""error_description"Possible issue
invalid_requestInvalid+response+typeThe request is missing a parameter, contains an invalid parameter, includes a parameter more than once, or is otherwise invalid.
invalid_scopeMissing+required+scopeThe requested scope is invalid or unknown.
access_deniedThe user or authorization server denied the request.
unauthorized_clientThe client is not allowed to request an authorization code using this method, for example, if a confidential client attempts to use the implicit grant type.
unsupported_response_typeThe server does not support obtaining an authorization code using this method, for example, if the authorization server never implemented the implicit grant type.
server_errorInstead of displaying a 500 Internal Server error page to the user, the server can redirect with this error code.
temporarily_unavailableIf the server is undergoing maintenance, or is otherwise unavailable, this error code can be returned instead of responding with a 503 Service Unavailable status code.