Token API errors
Obtain token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request",
"error_description": "Invalid or expired code parameter."
}Response | "error" | "error_description" | Possible issue |
400 Bad Request | invalid_request | Invalid or expired code parameter | The code parameter retrieved during authentication is wrong, missing, or expired. |
400 Bad Request | invalid_request | redirect_uri did not match URI from initial request | The redirect URI used in the token call is not what was used in the authorization URL. |
400 Bad Request | invalid_grant | Missing or incorrect grant_type field. Must be authorization_code | |
401 Unauthorized | invalid_client | Invalid client credentials. | The client id or secret is incorrect |
Refresh token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request",
"error_description": "Invalid or expired code parameter."
}Response | "error" | "error_description" | Possible issue |
400 Bad Request | invalid_request | No refresh token in request | The refresh token is missing or passed in the wrong parameter |
400 Bad Request | invalid_request | Refresh token is invalid or has already been claimed by another client. | The refresh token is wrong or expired |
400 Bad Request | invalid_grant | The token_type_hint must be set to refresh_token | |
401 Unauthorized | invalid_client | Invalid client credentials. | The client id or secret is incorrect |
Revoke token errors
The response payload will resemble the following:
JSON
{
"error": "invalid_request"
}Response | "error" | Possible issue |
400 Bad Request | invalid_request | refresh token is missing or invalid |
400 Bad Request | unsupported_token_type | The token_type_hint must be set to refresh_token |
401 Unauthorized | invalid_client | The client id or secret is incorrect |