OIDC exception handling
If authentication is unsuccessful, the RealMe Authorisation Endpoint returns the customer to the redirection URI specified in the authentication request with the following error response parameters:
|
Response Parameter |
Mandatory/ Optional |
Description |
|
error |
Mandatory |
Error code |
|
error_description |
Mandatory |
Human-readable ASCII encoded text description of the error |
|
state |
Mandatory |
Returns same value provided in authentication request. |
The following is an example of an OIDC authentication response for an unsuccessful authentication journey:
Location: https://sample.govt.nz/SignIn/CallbackCodeOidc?
error=invalid_request
&error_description= AADB2C90117%3A+The+scope+%27Unsupported%27+provided+in+the+request+is+not+supported.%0D%0ACorrelation+ID%3A+e014e109-0c68-4757-b511-e81fd3b01450%0D%0ATimestamp%3A+2024-08-08+20%3A35%3A56Z%0D%0A
&state=af0ifjsldkj
The following table provides key error codes and descriptions:
|
Error Code |
Error Description |
|
unsupported_response_type
|
RealMe does not support obtaining an authorisation code using this method. |
|
access_denied |
User exited from the RealMe journey or RealMe denied the request. Refer to the error description for further information. |
|
invalid_request
|
The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. |
|
server_error
|
RealMe encountered an unexpected condition that prevented it from fulfilling the request. (This error code is needed because a 500 Internal Server Error HTTP status code cannot be returned to the client via an HTTP redirect.) |