Troubleshooting
HTTP Status Codes¶
| Error code | Description | Possible Causes | How to fix? |
|---|---|---|---|
| 400 Bad Request | The request could not be understood or was missing required parameters. | Incorrect or missing parameters (e.g., client_id, client_secret, grant_type, etc.). Invalid request format or content type. | Verify the request body and parameters. Make sure all required fields are present and valid. |
| 401 Unauthorized | The request lacks valid authentication credentials. | Missing or invalid Access Token in the request. Incorrect client_id or client_secret. The token has expired or been revoked. | Ensure the Access Token is valid and not expired. Re-generate an Access Token if necessary. Double-check client_id and client_secret. |
| 403 Forbidden | The authenticated user does not have permission to access the requested resource. | Insufficient permissions or scopes associated with the Access Token. The user or client app is not authorized for this specific action. | Ensure that the correct scopes are requested during the authorization process. Check if the resource requires additional permissions. |
| 404 Not Found | The requested resource could not be found. | Incorrect API endpoint or resource URL. The resource has been deleted or does not exist. | Verify the API endpoint URL and ensure it is correct. |
| 405 Method Not Allowed | The HTTP method used in the request is not supported for this endpoint. | Using GET instead of POST for token requests. Using an unsupported method for an API resource. | Check the documentation to ensure the correct HTTP method is used. |
| 500 Internal Server Error | An unexpected server error occurred. | A problem on the API provider's server side. Temporary service downtime. | Retry the request later or contact support if the issue persists. |
| 503 Service Unavailable | The server is temporarily unable to handle the request. | Server overload or maintenance. Rate-limiting or throttling issues. | Wait for some time and retry the request. |
OAuth 2.0 & OpenID Connect-Specific Error Codes¶
| Error code | Description | Possible Causes | How to fix? |
|---|---|---|---|
| invalid_request | The request is missing a required parameter or includes an invalid parameter. | Required parameters like client_id, grant_type, or scope are missing or invalid. Malformed request or incorrect encoding. | Review the request and add the missing or correct parameters. |
| invalid_client | The client authentication failed (e.g., incorrect client_id or client_secret). | Wrong client_id or client_secret. Client credentials are invalid, revoked, or missing. | Double-check the client credentials and make sure they are correct and properly included in the request. |
| invalid_grant | The provided authorization grant or refresh token is invalid, expired, or revoked. | Incorrect or expired authorization code. Invalid refresh token. Mismatched redirect URI. | Re-authenticate the user and request a new authorization grant or refresh token. |
| unauthorized_client | The client is not authorized to use this grant type. | The client is not allowed to use a specific grant type (e.g., password, client_credentials). The client is not authorized to request certain scopes. | Verify that the client is registered to use the grant type and requested scopes. |
| unsupported_grant_type | The authorization server does not support the requested grant type. | The grant_type parameter in the request is unsupported or misspelled. | Check if the grant type is supported by the server and correct any misspellings in the request. |
| invalid_scope | The requested scope is invalid, unknown, or malformed. | The requested scope does not exist or is misspelled. The client is not allowed to request certain scopes. | Verify the scope names and ensure they match the allowed scopes. |
| access_denied | The resource owner or authorization server denied the request. | The user declined to grant permission to the application. The authorization server is denying access to the requested resource. | Check the authorization flow and ensure that the user has granted permission. If the issue persists, contact the authorization provider. |
| server_error | The authorization server encountered an unexpected condition. | Internal server error on the provider's side. | Retry the request later, and if the problem persists, contact the service provider. |
| temporarily_unavailable | The authorization server is temporarily unable to handle the request. | Server maintenance or service outage. | Retry the request later. |
Token-Related Errors¶
| Error code | Description | Possible Causes | How to fix? |
|---|---|---|---|
| invalid_token | The provided token is invalid or expired. | Access Token or Refresh Token is malformed, expired, or revoked. The token was issued for a different client or resource. | Request a new token and ensure it is used within its validity period. |
| insufficient_scope | The token does not have sufficient scope to access the requested resource. | Re-authenticate with the correct scope or request a new token with the required permissions. | Re-authenticate with the correct scope or request a new token with the required permissions. |