Token API errors
Obtain token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request",
"error_description": "Invalid or expired code parameter."
}Response | "error" | "error_description" | Possible issue |
400 Bad Request | invalid_request | Invalid or expired code parameter | The code parameter retrieved during authentication is wrong, missing, or expired. |
400 Bad Request | invalid_request | redirect_uri did not match URI from initial request | The redirect URI must be registered |
400 Bad Request | invalid_grant | Missing or incorrect grant_type field. Must be authorization_code | |
401 Unauthorized | invalid_client | Invalid client credentials. | The client id or secret is incorrect |
Refresh token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request",
"error_description": "Invalid or expired code parameter."
}Response | "error" | "error_description" | Possible issue |
400 Bad Request | invalid_request | No refresh token in request | The refresh token is missing, invalid, or claimed by another client |
400 Bad Request | invalid_request | Refresh token is invalid or has already been claimed by another client. | The refresh token is wrong or expired |
400 Bad Request | invalid_grant | Missing or incorrect grant_type field. Must be refresh_token | |
401 Unauthorized | invalid_client | Invalid client credentials. | The client id or secret is incorrect |
Revoke token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request"
}Response | "error" | Possible issue |
400 Bad Request | invalid_request | One or more key value is missing, invalid, or claimed by another client: refresh_token, client_id, client_secret |
400 Bad Request | unsupported_token_type | The token_type_hint must be set to refresh_token |