Error responses
An HTTP response indicates the type of error that has occurred when an action in an authorization process fails. The error responses described here are only applicable to Policy Enforcement Point (PEP) error responses.
For information about OAuth 2.0 error responses for other endpoints, see the OAuth website: http://www.oauth.net.
In some circumstances, the following HTTP error responses must be returned to the client:
- 400 Bad Request
- 401 Unauthorized
- 502 Bad Gateway
For the 401 response, an additional WWW-Authenticate header is added to the response in the following format:
WWW-Authenticate: OAuth realm = <realm-name>
The HTML component of the responses is preinstalled from files that have been specified in the EAS configuration.
For details on how to configure the response template files for OAuth EAS, see Configure WebSEAL to include OAuth decisions.
Parent topic: OAuth 2.0 and OIDC support