Send Docs Feedback

OAuth HTTP status code reference

This topic provides HTTP status codes and their related reason phrases you may encounter when OAuth throws errors in Apigee Edge. 

For guidance on handling errors, see Fault handling.

For policy-specific error codes, see:

Authorization Code

Invalid Redirect URI

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid redirection uri http://www.invalid_example.com"}

No Redirect URI

HTTP/1.1 400 Bad Request {"ErrorCode" : "invalid_request", "Error" :"Redirection URI is required"}

Invalid Key

HTTP/1.1 401 Unauthorized {"ErrorCode" : "invalid_request", "Error" :"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid"}

Missing Key

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"The request is missing a required parameter : client_id"}

Invalid Response Type

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Response type must be code"}

Missing Response Type

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"The request is missing a required parameter : response_type"}

Generate AccessToken

Invalid Auth Code

HTTP status: 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid Authorization Code"}

No Redirect URI

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Required param : redirect_uri"}

Invalid Redirect URI

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid redirect_uri : oob"}

Invalid Client ID

HTTP/1.1 401 Unauthorized
{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}

Troubleshooting: http://community.apigee.com/questions/1810/drives-me-mad-errorcode-invalid-client-error-clien.html

No Client ID

HTTP/1.1 401 Unauthorized
{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}

Troubleshooting: http://community.apigee.com/questions/1810/drives-me-mad-errorcode-invalid-client-error-clien.html

Invalid GrantType

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Unsupported grant type : client_credentials_invalid"}

No Username

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Required param : username"}

No Password

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Required param : password"}

No GrantType (Custom Policy)

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Required param : grant_type"}

No AuthCode

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Required param : code"} 

Implicit

Invalid Client ID

HTTP/1.1 401 Unauthorized
{"ErrorCode" : "invalid_request", "Error" :"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid"}

No Client ID

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"The request is missing a required parameter : client_id"}

Invalid Response Type

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Response type must be token"}

No Response Type

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"The request is missing a required parameter : response_type"}

Invalid Redirect URI

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid redirection uri http://www.invalid_example.com"}

No Redirect URI

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Redirection URI is required"}

Refresh Token

Invalid RefreshToken

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid Refresh Token"}

Invalid Scope

HTTP/1.1 400 Bad Request
{"ErrorCode" : "invalid_request", "Error" :"Invalid Scope"}

Invalid Client ID

HTTP/1.1 401 Unauthorized
{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}

Troubleshooting: http://community.apigee.com/questions/1810/drives-me-mad-errorcode-invalid-client-error-clien.html

No Client ID

HTTP/1.1 401 Unauthorized
{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}

Troubleshooting: http://community.apigee.com/questions/1810/drives-me-mad-errorcode-invalid-client-error-clien.html

Verify AccessToken

Invalid AccessToken

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"Invalid Access Token","detail":{"errorcode":"keymanagement.service.invalid_access_token"}}}

Invalid Resource

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"APIResource \/facebook\/acer does not exist","detail":{"errorcode":"keymanagement.service.apiresource_doesnot_exist"}}}

Invalid Scope

HTTP/1.1 403 Forbidden
{"fault":{"faultstring":"Required scope(s) : VerifyAccessToken.scopeSet","detail":{"errorcode":"steps.oauth.v2.InsufficientScope"}}}

No Auth Header

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"Invalid access token","detail":{"errorcode":"oauth.v2.InvalidAccessToken"}}}

No match for ApiProduct (With Env & Proxy Configured)

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"Invalid API call as no apiproduct match found","detail":{"errorcode":"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound"}}}

Access token expired

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"Access Token expired","detail":{"errorcode":"keymanagement.service.access_token_expired"}}} 

Access token revoked

HTTP/1.1 401 Unauthorized
{"fault":{"faultstring":"Access Token not approved","detail":{"errorcode":"keymanagement.service.access_token_not_approved"}}}

 

Help or comments?