oauth2.dev

unsupported_response_type

IETF

Registry Context

Error code used when an authorization server does not support the requested response type for an authorization request.

Technical Summary

RFC6749 error code for unsupported authorization endpoint response types. It is used in authorization code and implicit grant error responses, and RFC6749 also requires an error response when response_type is missing or not understood.

When Used

When an authorization request uses a response type the server does not support, especially in authorization code or implicit grant flows.

Normative Requirements

Authorization servers

MUST
3

  1. RFC 6749 - Section 3.1.1

    return an error response.

    Condition: If an authorization request is missing the "response_type" parameter or if the response type is not understood.

    If an authorization request is missing the "response_type" parameter, or if the response type is not understood, the authorization server MUST return an error response...

  2. RFC 6749 - Section 4.1.2.1

    use the error code "unsupported_response_type" to indicate that it does not support obtaining an authorization code using this method.

    Condition: In the authorization code grant error response when the request fails for reasons other than a missing or invalid redirection URI.

    "unsupported_response_type" The authorization server does not support obtaining an authorization code using this method.

  3. RFC 6749 - Section 4.2.2.1

    use the error code "unsupported_response_type" to indicate that it does not support obtaining an access token using this method.

    Condition: In the implicit grant error response when the request fails for reasons other than a missing or invalid redirection URI.

    "unsupported_response_type" The authorization server does not support obtaining an access token using this method.

error code value

MUST
1

  1. RFC 6749 - Section 8.5

    conform to the error ABNF.

    Condition: When defining or validating OAuth extension error codes.

    Error codes MUST conform to the error ABNF.

Validation Guidance

error

Accept only values that match the OAuth error ABNF.

warning

Treat unsupported_response_type as an authorization endpoint error, not a token-endpoint grant error.

error

Emit an error response when response_type is missing or unrecognized.

Reference

RFC6749

Details

Entry Id
unsupported_response_type
Name
unsupported_response_type
Usage Location
authorization endpoint
Protocol Extension
OAuth 2.0 Authorization Framework
Change Controller
IETF
Reference
RFC6749