Consent flow cancellation error handling

This is a discussion of the non-success paths that may occur during the consumer sign-up / consent / account selection flow.

Consent flow scenarios

Several cases are detailed below. For more information about OAuth 2.0 error handling, see the "Error response" section of this article.

Case 1: Success

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User authorizes the accounts on the Akoya-owned account selection UI.

  • Akoya redirects to the data recipient successfully.

Case 2: User selects cancel on data provider-owned consent screen

  • User is authenticated with data provider.

  • User does not provide consent on the data provider-owned consent screen and instead clicks the cancel button.

  • Data provider neither generates nor shares a token with Akoya.

  • Data provider generates an error response and redirects the user to Akoya.

  • Data provider sends the error as query parameters in the redirect to Akoya, per the OAuth 2.0 standard.

  • Akoya shows a page with a “Connection Issue” message.

  • When the user selects cancel on that error page, Akoya redirects the user to the recipient with the same OAuth standard error.

Case 3: User selects cancel on Akoya-owned account selection screen or closes the browser

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User clicks the cancel button on the Akoya-owned account selection UI.

  • Akoya redirects to the data recipient with an appropriate error description.

Case 4: User abandons the Akoya-owned account selection screen, doesn’t make any selection, and the screen times out

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • User takes no action and abandons the Akoya-owned account selection UI, which then times out.

  • Akoya redirects to the data recipient with an appropriate error description.

Case 5: Account List API errors out

  • User is authenticated with data provider.

  • User provides consent on the data provider-owned consent screen.

  • The provider sends an OAuth grant code to Akoya. Akoya requests a provider token. In exchange for the OAuth grant code, the provider issues Akoya tokens.

  • The Account List API fails and Akoya cannot display any of the user's account information on the account selection UI. An error message is displayed to the user, along with a “Cancel” button that redirects to the recipient with an error.

  • Akoya redirects to the data recipient with an appropriate error description.
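Cases 2 through 5 all end with the data recipient receiving a redirect that carries an OAuth 2.0 error instead of a grant code. The following is an added example, not Akoya's code, of how a recipient's callback handler might classify those redirects. It assumes the recipient sent a `state` value in its authorization request and uses the error codes defined in RFC 6749; the callback URL, function names, and sample values are hypothetical.

```python
import hmac
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Authorization-endpoint error codes from RFC 6749, section 4.1.2.1.
RFC6749_ERRORS = frozenset({
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope", "server_error",
    "temporarily_unavailable",
})

@dataclass
class CallbackResult:
    outcome: str                       # "success", "oauth_error" or "rejected"
    code: Optional[str] = None         # grant code, success only
    error: Optional[str] = None        # recognised RFC 6749 code, else None
    description: Optional[str] = None  # sanitised, for logs only

def _single(params, name):
    """Return a parameter's value only if it appears exactly once."""
    values = params.get(name, [])
    return values[0] if len(values) == 1 else None

def _for_log(text, limit=200):
    """Keep printable ASCII only so the value cannot forge log lines."""
    return "".join(c for c in text if " " <= c <= "~")[:limit]

def handle_callback(url: str, expected_state: str) -> CallbackResult:
    """Classify a redirect received at the recipient's (hypothetical) callback."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    state = _single(params, "state")
    # Error redirects carry state too: check it before trusting anything else.
    if state is None or not hmac.compare_digest(state.encode(), expected_state.encode()):
        return CallbackResult("rejected")
    if "code" in params and "error" in params:
        return CallbackResult("rejected")      # ambiguous response
    error = _single(params, "error")
    if error is not None:
        known = error if error in RFC6749_ERRORS else None
        desc = _for_log(_single(params, "error_description") or "")
        return CallbackResult("oauth_error", error=known, description=desc)
    code = _single(params, "code")
    if code:
        return CallbackResult("success", code=code)
    return CallbackResult("rejected")          # neither code nor error

# Constructed sample redirects (recipient.example and the values are made up).
SAMPLE_OK = "https://recipient.example/callback?code=abc123&state=s1"
SAMPLE_CANCEL = ("https://recipient.example/callback?error=access_denied"
                 "&error_description=User%20cancelled%0Aforged%20line&state=s1")
```

The sanitised description is suitable for logs only; show the user a fixed message chosen from the recognised error code rather than the redirect's text.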


