oauth2.dev

server_error

IETF

Registry Context

`server_error` is an OAuth error name for unexpected authorization-server failures.

Technical Summary

RFC 6749 registers `server_error` in the OAuth Extensions Error Registry and uses it in redirect-based authorization error responses when the authorization server cannot fulfill the request because of an unexpected condition.

When Used

Authorization code and implicit grant error responses when the authorization server encounters an unexpected condition.

Normative Requirements

Authorization servers

MUST
  1. RFC 6749 - Section 4.1.2.1

    include the `error` parameter as a required single ASCII error code from the registered set, which includes `server_error`.

    Condition: When the resource owner denies the access request or the request fails for reasons other than a missing or invalid redirection URI, and the server is returning an authorization code grant error response to the client via the query component of the redirection URI.

    error REQUIRED. A single ASCII [USASCII] error code from the following: ... server_error

  2. RFC 6749 - Section 4.2.2.1

    include the `error` parameter as a required single ASCII error code from the registered set, which includes `server_error`.

    Condition: When the resource owner denies the access request or the request fails for reasons other than a missing or invalid redirection URI, and the server is returning an implicit grant error response to the client via the fragment component of the redirection URI.

    error REQUIRED. A single ASCII [USASCII] error code from the following: ... server_error

Unspecified actor

MUST NOT
  1. RFC 6749 - Section 11.4.1

    include characters outside the set %x20-21 / %x23-5B / %x5D-7E in the registered error name.

    Values for the error name MUST NOT include characters outside the set %x20-21 / %x23-5B / %x5D-7E.

Validation Guidance

error

Reject any registry name other than `server_error`, and reject names containing characters outside the allowed ASCII set.

error

When `server_error` is emitted in an authorization code grant error response, ensure it is carried in the `error` parameter in the query component of the redirect URI.

error

When `server_error` is emitted in an implicit grant error response, ensure it is carried in the `error` parameter in the fragment component of the redirect URI.
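
The three validation rules above combined into one check, as an added example (not code from oauth2.dev or from RFC 6749). The function name `check_error_response` and the `client.example` redirect URLs are constructed for illustration; `response_type` is assumed to be `code` for the authorization code grant and `token` for the implicit grant.

```python
import re
from urllib.parse import urlsplit, parse_qs

# RFC 6749 Section 11.4.1: error names are limited to %x20-21 / %x23-5B / %x5D-7E
ALLOWED_NAME = re.compile(r"[\x20-\x21\x23-\x5B\x5D-\x7E]+")

# Where the error parameter must travel for each grant's response_type
COMPONENT = {"code": "query", "token": "fragment"}


def check_error_response(redirect_url, response_type):
    """Return a list of findings; an empty list means all three rules pass."""
    if response_type not in COMPONENT:
        raise ValueError("response_type must be 'code' or 'token'")
    parts = urlsplit(redirect_url)
    params = {
        "query": parse_qs(parts.query, keep_blank_values=True),
        "fragment": parse_qs(parts.fragment, keep_blank_values=True),
    }
    expected = COMPONENT[response_type]
    wrong = "fragment" if expected == "query" else "query"

    findings = []
    if "error" in params[wrong]:
        findings.append(f"error parameter present in {wrong} component")
    values = params[expected].get("error", [])
    if len(values) != 1:
        findings.append(f"expected one error parameter in {expected}, found {len(values)}")
        return findings
    name = values[0]  # parse_qs has already percent-decoded the value
    if not ALLOWED_NAME.fullmatch(name):
        findings.append("error name has characters outside the allowed set")
    elif name != "server_error":
        findings.append(f"error name {name!r} is not server_error")
    return findings


# Constructed sample redirects (client.example is a placeholder host)
SAMPLES = [
    ("https://client.example/cb?error=server_error&state=xyz", "code"),
    ("https://client.example/cb#error=server_error&state=xyz", "token"),
    ("https://client.example/cb#error=server_error&state=xyz", "code"),
    ("https://client.example/cb?error=server%22error&state=xyz", "code"),
    ("https://client.example/cb?error=access_denied&state=xyz", "code"),
]

if __name__ == "__main__":
    for url, rtype in SAMPLES:
        print(rtype, url, check_error_response(url, rtype) or "ok")
```

The third sample fails twice because a code-grant response carried `error` in the fragment; the fourth fails the character-set rule because `%22` decodes to a double quote, which is outside the allowed set.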

Reference

Details

Entry Id: server_error
Name: server_error
Usage Location: authorization endpoint
Protocol Extension: OAuth 2.0 Authorization Framework
Change Controller: IETF
Reference: RFC6749