developer
OAuth 2.0
developer

OAuth 2.0 Errors

Refer to the following error codes and explanations when troubleshooting OAuth 2.0 errors:

400 Errors

A 400 Error indicates that a request is invalid. You omitted a required parameter or Yahoo couldn’t make sense of a parameter you supplied.

Table 6 400 Errors

Error

Description

UNSUPPORTED_OVER_HTTP

OAuth 2.0 only supports calls over HTTPS.

VERSION_REJECTED

An unsupported version of OAuth was supplied.

PARAMETER_ABSENT

A required parameter is missing from the request.

PARAMETER_REJECTED

A provided parameter is too long.

INVALID_CLIENT

An invalid Client ID was provided.

INVALID_REQUEST

An invalid request parameter was provided.

UNSUPPORTED_RESPONSE_TYPE

The provided response_type is supported for this request. You may have provided a response type that doesn’t match the request.

UNSUPPORTED_GRANT_TYPE

The provided grant_type is not supported. You may have provided a grant type that doesn’t match the request.

INVALID_REDIRECT_URI

The provided redirect_URI does not match the one provided with the original authorization request.

UNSUPPORTED_REDIRECT_URI

The provided redirect_URI is not supported for this request type.

INVALID_PARAM

A provided request parameter is invalid.

INVALID_REFRESH_TOKEN

The provided refresh token is invalid.

401 Errors

A 401 error indicates that the authorization information for a request is absent or invalid.

Table 7 401 Errors

Error

Description

TOKEN_EXPIRED

The provided refresh token has expired.

INVALID_CALLBACK

The redirect_uri provided with this request uses an unsupported port or does not match the Client ID (Consumer Key).

UNDERAGE_USER

The user who must authorize access is a minor and cannot authorize access.

INVALID_CLIENT_SECRET

An invalid Client Secret was provided.

INVALID_GRANT

An invalid or expired token was provided.

403 Errors

A 403 error indicates that request is forbidden.

Table 8 403 Errors

Error

Description

ACCOUNT_NOT_AUTHORIZED

The user has not authorized requesting Client ID (Consumer Key).

Authorization Errors

The following errors presented on the browser when user authorizes the app.

  • INTERNAL_ERROR

  • INVALID_CONSUMER_KEY

  • DELETED_CONSUMER_KEY

  • DISABLED_CONSUMER_KEY

  • INVALID_TOKEN

  • EXPIRED_TOKEN

  • INVALID_CALLBACK_URL

  • INVALID_SCOPE

  • UNSUPPORTED_OVER_HTTP,

  • UNDERAGE_USER

  • PARAMS_MAXLENGTH_EXCEEDED

  • BAD_REDIRECT_URI

  • INVALID_RESPONSE_TYPE

  • INVALID_REQUEST

  • PARAM_TOO_LONG