Skip to main content
Go to Latest
enum AuthorizationFailRequest.Reason
import { AuthorizationFailRequest } from "https://deno.land/x/authlete_deno@v1.2.9/mod.ts";
const { Reason } = AuthorizationFailRequest;

Failure reasons of authorization requests.

Members

ACCOUNT_SELECTION_REQUIRED

The authorization server cannot obtain an account selection choice made by the end-user.

Using this reason will result in error=account_selection_required.

ACR_NOT_SATISFIED

The authorization request from the client application contained acr claim in claims request parameter and the claim was marked as essential, but the ACR performed for the end-user does not match any one of the requested ACRs.

Using this reason will result in error=login_required.

DENIED

The end-user denied the authorization request from the client application.

Using this reason will result in error=access_denied.

DIFFERENT_SUBJECT

The authorization request from the client application requested a specific value for sub claim, but the current end-user (in the case of prompt=none) or the end-user after the authentication is different from the specified value.

Using this reason will result in error=login_required.

EXCEEDS_MAX_AGE

The authorization request from the client application contained prompt=none, but the time specified by max_age request parameter or by default_max_age configuration parameter has passed since the time at which the end-user logged in.

See OpenID Connect Core 1.0, 3.1.2.1. Authentication Request for prompt and max_age request parameters.

See OpenID Connect Dynamic Client Registration 1.0, 2. Client Metadata for default_max_age configuration parameter.

Using this reason will result in error=login_required.

INTERACTION_REQUIRED

The authorization server needs interaction with the end-user.

Using this reason will result in error=interaction_required.

INVALID_TARGET

The requested resource is invalid, missing, unknown, or malformed. See "Resource Indicators for OAuth 2.0" for details.

Using this reason will result in error=invalid_target.

MAX_AGE_NOT_SUPPORTED

The authorization request from the client application contained max_age parameter with a non-zero value or the client's configuration has a non-zero value for default_max_age configuration parameter, but the service implementation cannot behave properly based on the max age value mainly because the service implementation does not manage authentication time of end-users.

See OpenID Connect Core 1.0, 3.1.2.1. Authentication Request for max_age request parameter.

See OpenID Connect Dynamic Client Registration 1.0, 2. Client Metadata for default_max_age configuration parameter.

Using this reason will result in error=login_required.

NOT_AUTHENTICATED

The end-user was not authenticated.

Using this reason will result in error=login_required.

NOT_LOGGED_IN

The authorization request from the client application contained prompt=none, but any end-user has not logged in.

See OpenID Connect Core 1.0, 3.1.2.1. Authentication Request for prompt request parameter.

Using this reason will result in error=login_required.

SERVER_ERROR

Server error.

Using this reason will result in error=server_error.

UNKNOWN

Unknown reason.

Using this reason will result in error=server_error.