When the Admin API server handles a InvalidRequestException, it is not including the underlying message in the error response sent back to the client.

2022-09-05 12:54:27,480 WARN [org.bf2.adm.kaf.adm.han.CommonHandler] (vert.x-eventloop-thread-1) class org.apache.kafka.common.errors.InvalidRequestException Invalid ACL principal name
426{{2022-09-05 12:54:27,572 INFO [io.qua.htt.access-log] (vert.x-eventloop-thread-1) 10.131.0.96 - 05/Sep/2022:12:54:27 +0000 "POST /api/v1/acls HTTP/1.1" 400 20700 169}}

The error received by the client looks like this:

 
Object { message: "Request failed with status code 400", name: "AxiosError", code: "ERR_BAD_REQUEST", config:

, request: XMLHttpRequest, response: {…}

, stack: "" }
655.9b82ee1c.js:1:2225
    c https://console.redhat.com/apps/rhosak-control-plane-ui-build/655.9b82ee1c.js:1

on the admin api server, we are reporting:
 
I think this is an Admin API server issue.
 
org.bf2.admin.kafka.admin.handlers.CommonHandler#errorHandlers
 
In InvalidRequestException, we should probably including the thrown.getMessage() so we get the "Invalid ACL principal name" and "Invalid ACL resource or operation" messages from the plugin.