Skip to content

InvalidClientError should return 401 #66

New issue
New issue
Closed
Closed
InvalidClientError should return 401#66
Labels
awaiting more info 💭More information is neededcompliance 📜OAuth 2.0 standard compliancetests 🧪Relates to tests
@Uzlopak

Description

@Uzlopak
Uzlopak
opened on Nov 15, 2021

https://datatracker.ietf.org/doc/html/rfc6749#section-5.2

 Client authentication failed (e.g., unknown client, no
               client authentication included, or unsupported
               authentication method).  The authorization server MAY
               return an HTTP 401 (Unauthorized) status code to indicate
               which HTTP authentication schemes are supported.  If the
               client attempted to authenticate via the "Authorization"
               request header field, the authorization server MUST
               respond with an HTTP 401 (Unauthorized) status code and
               include the "WWW-Authenticate" response header field
               matching the authentication scheme used by the client.

Metadata

Metadata

Assignees

No one assigned

    Labels

    awaiting more info 💭More information is neededcompliance 📜OAuth 2.0 standard compliancetests 🧪Relates to tests

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions