Discussion:
[OAUTH-WG] Error Responses in Device Code Spec
Justin Richer
2017-03-15 16:33:52 UTC
Permalink
Unless I’m missing something, the current device code spec doesn’t specify errors from the device code endpoint, only from the token endpoint. What are people implementing in practice? We’re using token endpoint style errors (invalid_client, inavlid_grant_type, etc).

— Justin
Justin Richer
2017-04-12 19:18:57 UTC
Permalink
Raising this point again. We’ve got a use case where people are wanting to do custom error codes from the device endpoint and would like the spec to have clear guidance. At the moment, it doesn’t even have examples for errors from the device endpoint.

— Justin
Post by Justin Richer
Unless I’m missing something, the current device code spec doesn’t specify errors from the device code endpoint, only from the token endpoint. What are people implementing in practice? We’re using token endpoint style errors (invalid_client, inavlid_grant_type, etc).
— Justin
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth
Mike Jones
2017-04-12 20:20:02 UTC
Permalink
It seems reasonable to have the spec say that Token Endpoint errors can also be returned from the Device Endpoint.

-- Mike

-----Original Message-----
From: OAuth [mailto:oauth-***@ietf.org] On Behalf Of Justin Richer
Sent: Wednesday, April 12, 2017 12:19 PM
To: <***@ietf.org> <***@ietf.org>
Subject: Re: [OAUTH-WG] Error Responses in Device Code Spec

Raising this point again. We’ve got a use case where people are wanting to do custom error codes from the device endpoint and would like the spec to have clear guidance. At the moment, it doesn’t even have examples for errors from the device endpoint.

— Justin
Post by Justin Richer
Unless I’m missing something, the current device code spec doesn’t specify errors from the device code endpoint, only from the token endpoint. What are people implementing in practice? We’re using token endpoint style errors (invalid_client, inavlid_grant_type, etc).
— Justin
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
***@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
Justin Richer
2017-04-12 20:57:28 UTC
Permalink
FWIW I’m fine with that solution if that’s where the editor and group go.

— Justin
Post by Mike Jones
It seems reasonable to have the spec say that Token Endpoint errors can also be returned from the Device Endpoint.
-- Mike
-----Original Message-----
Sent: Wednesday, April 12, 2017 12:19 PM
Subject: Re: [OAUTH-WG] Error Responses in Device Code Spec
Raising this point again. We’ve got a use case where people are wanting to do custom error codes from the device endpoint and would like the spec to have clear guidance. At the moment, it doesn’t even have examples for errors from the device endpoint.
— Justin
Post by Justin Richer
Unless I’m missing something, the current device code spec doesn’t specify errors from the device code endpoint, only from the token endpoint. What are people implementing in practice? We’re using token endpoint style errors (invalid_client, inavlid_grant_type, etc).
— Justin
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth
Loading...