  1. Keycloak
  2. KEYCLOAK-12150

Need to change error response from invalid_request to unsupported_grant_type

    Details

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      RH-SSO server returns the invalid_request error response when a client sends requests with grant_type=<unsupported value>, for example, "urn:ietf:params:oauth:grant-type:device_code".

      According to RFC6749, it seems to be better to return the unsupported_grant_type error response.

      5.2. Error Response

         The authorization server responds with an HTTP 400 (Bad Request)
         status code (unless specified otherwise) and includes the following
         parameters with the response:

         error
               REQUIRED. A single ASCII [USASCII] error code from the
               following:

               invalid_request
                     The request is missing a required parameter, includes an
                     unsupported parameter value (other than grant type),
                     repeats a parameter, includes multiple credentials,
                     utilizes more than one mechanism for authenticating the
                     client, or is otherwise malformed.
               ...
               unsupported_grant_type
                     The authorization grant type is not supported by the
                     authorization server.
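The distinction drawn in the RFC text above, as an added example that is not part of the original issue and is not Keycloak or RH-SSO code: a token-endpoint check that returns invalid_request only for a missing or repeated grant_type and unsupported_grant_type for a well-formed but unknown value. The names check_grant_type, token_error, error_code and SUPPORTED_GRANT_TYPES are hypothetical, and the request bodies are constructed samples.

```python
import json
from urllib.parse import parse_qs

# Assumption: the grant types this hypothetical server implements.
SUPPORTED_GRANT_TYPES = {"authorization_code", "refresh_token", "client_credentials", "password"}


def token_error(code, description):
    """Build the RFC 6749 section 5.2 error response: HTTP 400 plus a JSON body."""
    return 400, json.dumps({"error": code, "error_description": description})


def check_grant_type(form_body):
    """Return None if grant_type is acceptable, else an (HTTP status, JSON body) error."""
    params = parse_qs(form_body, keep_blank_values=True)
    values = params.get("grant_type", [])
    if not values or values[0] == "":
        # A missing required parameter makes the request malformed.
        return token_error("invalid_request", "Missing parameter: grant_type")
    if len(values) > 1:
        # A repeated parameter also makes the request malformed.
        return token_error("invalid_request", "Repeated parameter: grant_type")
    if values[0] not in SUPPORTED_GRANT_TYPES:
        # Well-formed request; the value is simply not a grant type the server supports.
        return token_error("unsupported_grant_type", "Unsupported grant_type")
    return None


def error_code(form_body):
    """Helper for the sample run: the error code only, or None when accepted."""
    result = check_grant_type(form_body)
    return None if result is None else json.loads(result[1])["error"]


# Constructed sample request bodies (application/x-www-form-urlencoded).
SAMPLES = [
    "grant_type=client_credentials",
    "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Adevice_code&device_code=x",
    "client_id=app",
    "grant_type=password&grant_type=refresh_token",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(body, "->", error_code(body))
```

The error_description strings are fixed text, so the client-supplied grant_type value is never echoed back in the response.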

              People

              • Assignee:
                Unassigned
                Reporter:
                yoshiyuki_tabata 義之 田畑