OAuth 2.0 Errors

Authorization Response Errors

The following errors can be returned by a request to the authorization endpoint <Space service URL>/oauth/auth.

Error	Description	Solution
`invalid_request`	The authorization request to Space is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.	Verify that all of the parameters are correct, that the provided `client_id` exists, and so on.
`unauthorized_client`	The `redirect_URI` of the service either is incorrect or missing.	Make sure the `redirect_uri` is correct and properly registered as one of the service's redirect URIs. Make sure your provided at least one `redirect_uri` in Space.
`access_denied`	The resource owner or Space denied the request.	Verify that you are using the correct values for the `scope` parameter.
`unsupported_response_type`	The parameter `response_type` is either missing or has an invalid value.	Verify that you have set the value for the `response_type` to `token`.
`invalid_scope`	The parameter `scope` is missing, or the scope for which authorization is requested does not match permissions registered and authorized for the application.	Make sure that the request is correct and the requested permissions are pre-authorized in Space.

Token Response Errors

The following errors can be returned by a request to the token endpoint <Space service URL>/oauth/token. For more information, read the definition of each error in the RFC6749 standard.

Error	Description	Solution
`invalid_request`	The request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the application, or is otherwise malformed.	Check the response header, then check if the request is correct.
`invalid_client`	Application authentication failed. For example, the application is uknown in Space or no application authentication included.	Check the value for the `client_id` parameter.
`unsupported_grant_type`	The authorization grant type is not supported by Space.	Verify that you have set the value for the `response_type` to `token`.
`invalid_scope`	The scope parameter is missing or its values do not match the permissiones pre-authorized in Space for the application.	Verify that you are using the correct values for the `scope` parameter.
`unauthorized_client`	The authorization flow is not supported.	Make sure the application type you specified for your application when registered supports the authorization flow you're using.
`invalid_grant`	Possible reasons: Refresh token was issued to another application service. Refresh token is unknown. Authorization code is unknown or is of invalid format. The `client_secret` is of invalid format. Provided credentials of the resource owner are invalid. Requested scope does not match that allowed by access token

Last modified: 09 December 2020