Common Errors

8.1. Integration Errors

During integration there are a few common errors you may be presented with. The document below is to help guide you through those errors.

Invalid Client

Problem

There are a few possible reasons why you could be getting invalid_client. See a list of likely causes below:

  • The client_id is not present in the connect/token call.
  • The client_id is incorrect during the connect/token call.
  • The client_id is mismatched between the connect/authorization, connect/token calls.
  • The client_id used when creating the client_assertion is incorrect/mismatched or not present.

Troubleshoot

The below details possible steps to help resolve or troubleshoot the underlying issue:

Ensure client_id is present in the connect/token call.

Ensure the client_id used when creating client_assertion and making connect/token calls is a valid client ID.

Ensure client_assertion value is valid, and there are no white spaces. We provide a widget here.



Invalid Redirect Url

Problem

There are a few possible reasons why you could be getting invalid_redirect. See a list of likely causes below:

  • Not having any redirect URL configured in the (client.json file)
  • Using a URL not whitelisted
1{
2 "redirect_url": ["the redirect_uri field is required"]
3}

Troubleshoot

The below details possible steps to help resolve or troubleshoot the underlying issue:

To fix this please use a whitelisted URL. You may refer to your client credential JSON file for a list of valid URLs. Please note that we do not allow wildcard urls - urls need to be specific.

At any moment you’re welcome to let us know about new URLs you wish to whitelist. This includes mobile deep-links.



Invalid Grant

Problem

There are a few possible reasons why you could be getting invalid_grant. See a list of likely causes below:

  • The client_assertion used is expired.
  • The client_assertion used is invalid.
  • The client_assertion used is missing (not present) in the API call.
  • The code_verifier and code_challenge pair do not match.
1{
2 "error": "invalid_grant"
3}

Troubleshoot

The below details possible steps to help resolve or troubleshoot the underlying issue:

To fix this error ensure that you're appending the client_assertion to your connect/token API call.

Validate the JWT generated correctly using the widget in our developer documentation or JWT.io.

Ensure that the client_id used for the authorization and token endpoint matches the client_id used to generate the client_assertion.

Validating that the code_verifier and code_challenge match. You can use the widget here to validate this.



Invalid Scope

Problem

There are a few possible reasons why you could be getting invalid_scope. See a list of likely causes below:

  • The scope parameter includes scopes not authorised for you client.
  • The scope parameter includes mispelled scopes.
  • The scope parameter is missing (not present) in the endpoint call.
  • Scopes are not separated by a single whitespace.
1{
2 "error": "invalid_scope"
3}

Troubleshoot

The below details possible steps to help resolve or troubleshoot the underlying issue:

To fix this error ensure that you're appending the scope parameter to your connect/token API call.

Ensure that the scopes are separated by a single whitespace.

Validate the list of scopes appeneded by referring to your client JSON file.


Contact Us

If any of the above does not help solve your issue, feel free to contact us here 👨‍💻