Error responses

Edit online

An HTTP response indicates the type of error that has occurred when an action in an authorization process fails. The error responses described here are only applicable to Policy Enforcement Point (PEP) error responses.

For more information about OAuth 2.0 error responses for other endpoints, see the OAuth website: http://www.oauth.net.

In some circumstances, the following HTTP error responses must be returned to the client:

400 Bad Request
401 Unauthorized
502 Bad Gateway

For the 401 response, an additional WWW-Authenticate header is added to the response in the following format:

WWW-Authenticate: OAuth realm = <realm-name>

The HTML component of the responses is preinstalled from files that have been specified in the EAS configuration.

For details on how to configure the response template files for OAuth EAS, see Configuring WebSEAL to include OAuth decisions.