oauth2.dev

unsupported_grant_type

IETF

Registry Context

`unsupported_grant_type` is the OAuth 2.0 token-endpoint error code for a grant type the authorization server does not support.

Technical Summary

RFC 6749 Section 5.2 defines `unsupported_grant_type` as one of the token error response values. The `error` parameter is required, is a single ASCII error code, and token error responses normally use HTTP 400 unless another status is specified. The registry entry name must also satisfy the RFC 6749 character restrictions for error names.

When Used

Use in a token error response when the authorization grant type is not supported by the authorization server.

Normative Requirements

Authorization servers

MUST
  1. RFC 6749 - Section 5.2

    respond with HTTP 400 (Bad Request) and include the listed response parameters.

    Condition: unless a different status code is specified for the error response

    “The authorization server responds with an HTTP 400 (Bad Request) status code (unless specified otherwise) and includes the following parameters with the response:”

  2. RFC 6749 - Section 5.2

    use `unsupported_grant_type` as the error code.

    Condition: when the authorization grant type is not supported

    “unsupported_grant_type The authorization grant type is not supported by the authorization server.”

error name

MUST NOT
  1. RFC 6749 - Section 11.4.1

    include characters outside the allowed set %x20-21 / %x23-5B / %x5D-7E.

    Condition: when registering or using the error name

    “Values for the error name MUST NOT include characters outside the set %x20-21 / %x23-5B / %x5D-7E.”

the `error` parameter value

MUST
  1. RFC 6749 - Section 5.2

    be a single ASCII error code.

    Condition: when included in the token error response

    “error REQUIRED. A single ASCII [USASCII] error code from the following:”

Validation Guidance

error: Reject any registry value for the error name that contains characters outside the RFC 6749 allowed ASCII range.

error: Ensure `unsupported_grant_type` is only emitted as a token-endpoint error for an unsupported grant type.

error: Ensure token error responses include an `error` field containing a single ASCII error code.

warning: Default token error responses to HTTP 400 unless the protocol specifies otherwise.
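The validation guidance above, applied to one token error response at a time, as an added example that is not part of the registry entry or of RFC 6749. The function name `check_token_error`, the `SUPPORTED_GRANTS` set and the sample responses are assumptions made for illustration; the body is parsed as the JSON that RFC 6749 Section 5.2 responses use.

```python
import json
import re

# RFC 6749 Section 11.4.1 allowed set for error names: %x20-21 / %x23-5B / %x5D-7E
ERROR_NAME_RE = re.compile(r"[\x20-\x21\x23-\x5B\x5D-\x7E]+")
# Assumption: grant types this hypothetical authorization server supports.
SUPPORTED_GRANTS = {"authorization_code", "refresh_token"}


def check_token_error(requested_grant, status, body, supported=SUPPORTED_GRANTS):
    """Return a list of (severity, message) findings for one token error response."""
    try:
        payload = json.loads(body)
    except ValueError:
        return [("error", "body is not valid JSON")]
    err = payload.get("error") if isinstance(payload, dict) else None
    if not isinstance(err, str) or not err:
        return [("error", "missing `error` field or not a single string code")]
    findings = []
    if not ERROR_NAME_RE.fullmatch(err):
        findings.append(("error", "error code has characters outside the allowed set"))
    if err == "unsupported_grant_type" and requested_grant in supported:
        findings.append(("error", "unsupported_grant_type emitted for a supported grant"))
    if status != 400:
        # Warning only: another status may be specified for some errors.
        findings.append(("warning", "status %d, expected 400 by default" % status))
    return findings


# Constructed sample responses (not captured traffic): (grant_type sent, status, body)
SAMPLES = [
    ("password", 400, '{"error": "unsupported_grant_type"}'),
    ("password", 200, '{"error": "unsupported_grant_type"}'),
    ("refresh_token", 400, '{"error": "unsupported_grant_type"}'),
    ("password", 400, '{"error": "unsupported\\"grant"}'),
    ("password", 400, '{"error": ["unsupported_grant_type"]}'),
]

if __name__ == "__main__":
    for grant, status, body in SAMPLES:
        print(grant, status, body, "->", check_token_error(grant, status, body) or "ok")
```
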

Reference

Details

Entry Id: unsupported_grant_type
Name: unsupported_grant_type
Usage Location: token endpoint
Protocol Extension: OAuth 2.0 Authorization Framework
Change Controller: IETF
Reference: RFC6749