OAuth dynamic client registration API - response messages

On this page

Overview


This page lists the response messages that you may get when making calls to the OAuth dynamic client registration API.

The format the response message will take is: 

        
            {
                "error": "invalid_client_metadata",
                "error_description": Relevant code detail provided here within "",
            }

Response messages


HTTP status

Error code

Error detail

Troubleshooting

400

Invalid_request

The {attribute} field is required

Please provide a valid value for client_name

400

Invalid_request

{attribute} is read-only

Please ensure {attribute} is empty for a registration request:

  • Parameter "client_id"
  • Parameter "client_id_issued_at"
  • Parameter "status"
  • Parameter "registration_access_token"
  • Parameter "registration_client_uri"

400

Invalid_request

{attribute} is not valid or expired

Provide a valid certificate

400

Invalid_request

{attribute} is expired

Provide a valid certificate

400

Invalid_request

{attribute} must contain a jwks_uri OR x509_certificate

Provide a valid certificate

400

Invalid_request

More than one {attribute} provided

Provide one grant type only

400

Invalid_request

Selected grant_type cannot be used with {attribute} value

Select a valid grant type

400

Invalid_request

Selected grant_type requires valid {attribute} value

Select a valid grant type

400

Invalid_request

invalid client id for {attribute}

Nil

400

Invalid_request

{attribute} cannot be TRUE when {attribute}  = "NULL"

Select a valid grant type

400

Invalid_redirect_uri

Selected grant_type cannot be used with {attribute} value

Select a valid grant type

400

Invalid_redirect_uri

{attribute} contains invalid {attribute}

Select a valid grant type

400

Invalid_redirect_uri

The {attribute} field is required with selected grant_type

Select a valid grant type

400

Invalid_client_metadata

{attribute} is invalid

Provide a valid value for "ato_api_key" or "x509 certificate"

400

Invalid_client_metadata

{attribute} exceeded characters limit

A parameter has exceeded the input length. Please check {attribute}:

  • Parameter "ato_api_key"
  • Parameter "client_name"
  • Parameter "x509_certificate"
  • Parameter "contacts"
  • Parameter "software_version"

400

Invalid_client_metadata

Format for {attribute} is not supported

The parameter “software_id” must be a 32 length (canonical) or 36 length (non-canonical) GUID

400

Invalid_client_metadata

{attribute} has exceed number the number of {attribute}

Ensure no more than 5 contacts have been provided

400

Invalid_client_metadata

More than 5 {attribute} provided

Select a valid grant type

400

DCR.00001

ato_api_key is not the same as the apiKey in the header.

Nil

401

Invalid_token

Unauthorised

Client not authorised to access service

403

Insufficient_scope

The scope provided is invalid for this operation

Client not authorised to perform this operation

Go back to OAuth dynamic client registration API.