Signicat uses HTTP response status codes to report the result of your requests back to you. If your request fails, an error using the appropriate status code is returned.
In general, you can expect status codes from Signicat in the following ranges:
- 2xx success status codes confirm that your request worked as expected.
- 4xx error status codes indicate an error caused by the information you provided.
- 5xx error status codes indicate an error caused by Signicat’s servers response.
The following is a list of the most common error codes you may encounter when integrating with Signicat’s services using the OIDC protocol (the list is not exhaustive).
|HTTP response code||Code||Description||Actions available|
|400||INVALID_REQUEST||The request contained invalid parameters.||Verify that the request parameters are valid.|
|400||INVALID_CLIENT||The provided client ID is not recognized in this Authorization server.||Verify that the client configuration is correct, i.e. make sure that the way the client credentials are sent matches the client configuration.|
|400||INVALID_GRANT||The provided authorization grant (e.g. authorization code, resource owner credentials) or refresh token is invalid, expired or revoked.||Verify the validity of the authorization grant or refresh token.|
|400||UNSUPPORTED_GRANT_TYPE||The provided grant type is unsupported. Supported grant types can be viewed by visiting https://preprod.signicat.com/oidc/.well-known/openid-configuration (preprod environment) and https://id.signicat.com/oidc/.well-known/openid-configuration (production environment).||Enter a valid grant type and resubmit the request.|
|400||UNSUPPORTED_RESPONSE_TYPE||The provided response type is invalid. The authorization server does not support the response type in the request.||Fix and resubmit the request.|
|400||UNSUPPORTED_TOKEN_TYPE||The provided token type is invalid. The authorization server does not support the token type in the request.||Fix and resubmit the request.|
|400||INVALID_SCOPE||Your “scope” or “claims” parameters contain invalid values. Supported scopes can be viewed by visiting https://preprod.signicat.com/oidc/.well-known/openid-configuration (preprod environment) and https://id.signicat.com/oidc/.well-known/openid-configuration (production environment).||Fix and resubmit the request.|
|400||LOGIN_REQUIRED||The authorization server requires end-user authentication.|
|400||CONSENT_REQUIRED||The authorization server requires end-user consent.|
|400||REQUEST_URI_NOT_SUPPORTED||This server does not support the request_uri parameter.|
|400||INVALID_REDIRECT_URI||The value of one or more redirect_uris is invalid.||Verify the redirect_uris and retry.|
|400||INVALID_CLIENT_METADATA||The value of one of the Client Metadata fields is invalid and the server has rejected this request.||Verify the Client Metadata fields and retry.|
|400||UNAUTHORIZED_CLIENT||Your client is unauthorized.||Provide credentials and retry.|
|401||INVALID_TOKEN||The Bearer token provided in the Authorization header was not valid.|
|403||ACCESS_DENIED||Your access to this resource is denied.||Check your credentials and retry.|
|403||INSUFFICIENT_SCOPE||The provided Bearer token has insufficient scope, resource cannot be accessed.|
|500||SERVER_ERROR||Internal server error. These errors can result from temporary conditions. The client application might explain to the user that its response is delayed because of a temporary error.||Retry the request.|