[OAUTH-WG] OAuth Unsuccessful Response

Asghar Amereii <amereii@rooyekhat.co> Wed, 12 June 2019 10:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/cYrNDN5-BWrvH1i3egydnaNPlWg>

According to https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/

    Error responses are returned with an HTTP 400 status code (unless
    specified otherwise), with error and error_description parameters. The
    error parameter will always be one of the values listed below.

      * invalid_request
      * invalid_client
      * invalid_grant
      * invalid_scope
      * unauthorized_client
      * unsupported_grant_type

Can I have a custom error like "invalid_captcha" or "captcha_required"?

What I want is: if someone sends wrong credentials 3 times, I send a
"captcha_required" error, and the next time they must send a valid captcha code.

My question is:

 1. Is it allowed to define custom error codes in OAuth?
 2. Is there an alternative way to solve my problem?
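
The flow described in the message, as an added sketch that is not part of the original post or of any OAuth library: a token endpoint handler that returns the quoted error format and switches to "captcha_required" after 3 failed attempts. The code "captcha_required" is the poster's proposed value, not one of the listed codes, and whether it is permitted is the question being asked; CredentialGuard, check_password and check_captcha are hypothetical names.

```python
import json
import secrets

# Error codes listed in the quoted passage.
STANDARD_ERRORS = {
    "invalid_request", "invalid_client", "invalid_grant",
    "invalid_scope", "unauthorized_client", "unsupported_grant_type",
}
CAPTCHA_REQUIRED = "captcha_required"  # proposed in the message; not in the list above
MAX_FAILURES = 3                       # threshold named in the message


def error_response(error, description):
    """Build (status, headers, body) for an unsuccessful token response."""
    if error not in STANDARD_ERRORS and error != CAPTCHA_REQUIRED:
        raise ValueError(f"unexpected error code: {error!r}")
    headers = {"Content-Type": "application/json", "Cache-Control": "no-store"}
    return 400, headers, json.dumps({"error": error, "error_description": description})


class CredentialGuard:
    """Per-username failure counter (in memory; a real server needs an expiring store)."""

    def __init__(self, check_password, check_captcha):
        self.check_password = check_password  # hypothetical callback: (user, pw) -> bool
        self.check_captcha = check_captcha    # hypothetical callback: (code) -> bool
        self.failures = {}

    def handle(self, username, password, captcha=None):
        # Once the threshold is reached, refuse to evaluate the password at all
        # unless the request carries a valid captcha code.
        if self.failures.get(username, 0) >= MAX_FAILURES:
            if captcha is None or not self.check_captcha(captcha):
                return error_response(CAPTCHA_REQUIRED, "A valid captcha code is required")
        if not self.check_password(username, password):
            # Count failures for any submitted username, existing or not, so the
            # response does not reveal which accounts exist.
            self.failures[username] = self.failures.get(username, 0) + 1
            if self.failures[username] >= MAX_FAILURES:
                return error_response(CAPTCHA_REQUIRED, "Too many failed attempts")
            return error_response("invalid_grant", "Invalid username or password")
        self.failures.pop(username, None)
        body = {"access_token": secrets.token_urlsafe(32), "token_type": "bearer"}
        return 200, {"Content-Type": "application/json", "Cache-Control": "no-store"}, json.dumps(body)
```

The counter is reset only after a request that passes both the captcha check and the password check, so a correct password alone does not clear the captcha requirement.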