Error list

The standardized list of OAuth 2.0 errors described in RFC 6749 (sections 4.1.2.1, 5.2, 10.5) and in related extensions.

RFC 6749 section 4.1.2.1 — Authorization Endpoint Errors:

  • invalid_request - The request is missing a required parameter, includes an invalid parameter value, or is otherwise malformed.
  • unauthorized_client - The client is not authorized to use this authorization grant type.
  • access_denied - The resource owner or authorization server denied the request.
  • unsupported_response_type - The authorization server does not support obtaining a token using this method.
  • invalid_scope - The requested scope is invalid, unknown, or exceeds what the client is allowed to request.
  • server_error - The authorization server encountered an unexpected error. This error is temporary.
  • temporarily_unavailable - The authorization server is currently unable to handle the request due to temporary overloading or maintenance.

RFC 6749 section 5.2 — Token Endpoint Errors:

  • invalid_client - Client authentication failed. Verify that client_id and client_secret are correct.
  • invalid_grant - The provided authorization grant (authorization code, resource owner credentials, refresh token) is invalid, expired, revoked, or was issued to another client.
  • unsupported_grant_type - The authorization grant type is not supported by the authorization server.

RFC 7009 — Token Revocation:

  • unsupported_token_type - The authorization server does not support the revocation of the presented token type.

RFC 7662 — Token Introspection (standard errors):

  • consent_required - User consent is required before proceeding.
  • login_required - The user is not logged in or their session has expired.
  • invalid_token - The access token is invalid, expired, or malformed.