[Openid-specs-fapi] Issue #373: Grant Management uses invalid_grant as authorization response error (openid/fapi)
issues-reply at bitbucket.org
Thu Feb 18 10:36:02 UTC 2021
New issue 373: Grant Management uses invalid_grant as authorization response error
### Error Response
In case the `grant_id` is unknown or invalid, the authorization server will respond with an error code `invalid_grant` (as defined in [@!RFC6749]).
The invalid\_grant error as defined in 6749 is a “token endpoint” error.
> The authorization server responds with an HTTP 400 \(Bad Request\) status code
This specification should therefore register the error\_code for use at the different endpoints \(authorization\[, device\_authorization, ciba\]\) it is possible to return the code from in IANA.
More information about the Openid-specs-fapi