This is a discussion of the non-success paths that may occur during the consumer sign-up / consent / account selection flow.

Consent flow scenarios

Several cases are detailed below. For more information about OAuth 2.0 error handling, see the "Error response" section of this article.

Case 1: Success

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User authorizes the accounts on the Akoya-owned account selection UI.

  • Akoya redirects to the data recipient successfully.

Case 2: User selects cancel on data provider-owned consent screen

  • User is authenticated with data provider.

  • User does not provide consent on the data provider-owned consent screen and instead clicks the cancel button.

  • Data provider neither generates nor shares a token with Akoya.

  • Data provider generates an error response and redirects the user to Akoya.

  • Data provider sends the error as query parameters in the redirect to Akoya, per the OAuth 2.0 standard.

  • Akoya shows a page with a “Connection Issue” message.

  • When the user selects cancel on that error page, Akoya redirects the user to the recipient with the same OAuth standard error.

Case 3: User selects cancel on Akoya-owned account selection screen or closes the browser

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User clicks the cancel button on the Akoya-owned account selection UI.

  • Akoya redirects to the data recipient with an appropriate error description.

Case 4: User abandons the Akoya-owned account selection screen, doesn’t make any selection, and the screen times out

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User does not do anything, abandons the Akoya-owned account selection UI, and it times out.

  • Akoya redirects to the data recipient with an appropriate error description.

Case 5: Account List API errors out

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • The Account List API fails or errors out, and Akoya is not able to display any of the user's account information on the account selection UI. An error message is displayed to the user, along with a “Cancel” button that redirects to the recipient with the error.

  • Akoya redirects to the data recipient with an appropriate error description.
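
One way a data recipient could process the redirect that ends each case above, as an added example that is not Akoya's code: it checks `state` before anything else, separates the success response from the error response, and strips disallowed characters from `error_description`. The function name and the reading of `access_denied` as a user cancel are assumptions; the error codes are the ones RFC 6749, section 4.1.2.1 defines, not a list taken from this page.

```python
import hmac
import re
from urllib.parse import urlsplit, parse_qs

# Error codes RFC 6749 (section 4.1.2.1) defines for the authorization response.
RFC6749_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope", "server_error",
    "temporarily_unavailable",
}
# Anything outside the character set RFC 6749 allows in error_description
# (printable ASCII without '"' and '\').
_DESC_DISALLOWED = re.compile(r"[^\x20-\x21\x23-\x5B\x5D-\x7E]")


def handle_callback(redirect_url: str, expected_state: str) -> dict:
    """Classify an authorization redirect received by the data recipient."""
    params = parse_qs(urlsplit(redirect_url).query)

    def single(name):
        values = params.get(name, [])
        # Repeated or blank parameters are ambiguous; treat them as absent.
        return values[0] if len(values) == 1 else None

    state = single("state")
    # Check state first, in constant time, so a forged redirect (success or
    # error) is never attributed to this user's session.
    if state is None or not hmac.compare_digest(state.encode(), expected_state.encode()):
        return {"outcome": "rejected", "reason": "state_mismatch"}

    code, error = single("code"), single("error")
    if (code is None) == (error is None):
        # Neither or both present: not a well-formed authorization response.
        return {"outcome": "rejected", "reason": "malformed_response"}
    if code is not None:
        return {"outcome": "success", "code": code}

    # Error path: replace control characters, quotes and backslashes and cap
    # the length before logging. HTML-escape separately if it is ever rendered.
    description = _DESC_DISALLOWED.sub("?", single("error_description") or "")[:200]
    return {
        "outcome": "error",
        "error": error if error in RFC6749_ERRORS else "unrecognized_error",
        "description": description,
        # Assumption: access_denied is read as "user cancelled or refused".
        "user_cancelled": error == "access_denied",
    }
```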