Facebook Oauth2 Error Codes & Messages

Error Code Error Message / Description
unknown_error Handles all errors that don’t stem from invalid requests — e.g., perhaps errors resulting from databases that are down or logic errors in code.
invalid_request The default OAuth exception. It means the request is missing a required parameter, includes an unsupported parameter or parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
invalid_client The client identifier provided is invalid, the client failed to authenticate, the client did not include its credentials, provided multiple client credentials, or used unsupported credentials type.
unauthorized_client The authenticated client is not authorized to use the access grant type provided.
redirect_uri_mismatch The redirection URI provided does not match a pre-registered value.
access_denied The end-user or authorization server denied the request.
unsupported_response_type The requested response type is not supported by the authorization server.
invalid_scope The requested scope is invalid, unknown, malformed, or exceeds the previously granted scope.
invalid_grant The provided access grant is invalid, expired, or revoked (e.g. invalid assertion, expired authorization token, bad end-user password credentials, or mismatching authorization code and redirection URI).
unsupported_grant_type The access grant included – its type or another attribute – is not supported by the authorization server.
invalid_token The access token provided is invalid. Resource servers SHOULD use this error code when receiving an expired token which cannot be refreshed to indicate to the client that a new authorization is necessary. The resource server MUST respond with the HTTP 401 (Unauthorized) status code.
expired_token The access token provided has expired.
insufficient_scope The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the “scope” attribute with the scope necessary to access the protected resource.
invalid_code The code provided is invalid.
not_found The request is for data which does not exist.
unsupported_auth_type The requested authentication type is not supported by the authorization server.

Leave a Reply

Your email address will not be published. Required fields are marked *