HTTP/1.1401Unauthorized{"fault":{"faultstring":"APIResource \/facebook\/acer does not exist","detail":{"errorcode":"keymanagement.service.apiresource_doesnot_exist"}}}
Keine Übereinstimmung für ApiProduct (mit Env & Proxy konfiguriert)
HTTP/1.1401Unauthorized{"fault":{"faultstring":"Invalid API call as no apiproduct match found","detail":{"errorcode":"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound"}}}
Bei Erfolg gibt die Richtlinie den Status 200 zurück.
Bei einem Fehler gibt die Richtlinie 404 und eine Ausgabe ähnlich der folgenden zurück (je nachdem, ob Sie ein Zugriffstoken oder einen Authentifizierungscode löschen):
[[["Leicht verständlich","easyToUnderstand","thumb-up"],["Mein Problem wurde gelöst","solvedMyProblem","thumb-up"],["Sonstiges","otherUp","thumb-up"]],[["Schwer verständlich","hardToUnderstand","thumb-down"],["Informationen oder Beispielcode falsch","incorrectInformationOrSampleCode","thumb-down"],["Benötigte Informationen/Beispiele nicht gefunden","missingTheInformationSamplesINeed","thumb-down"],["Problem mit der Übersetzung","translationIssue","thumb-down"],["Sonstiges","otherDown","thumb-down"]],["Zuletzt aktualisiert: 2025-08-07 (UTC)."],[[["\u003cp\u003eThis document details HTTP status codes and error messages encountered when OAuth policies in Apigee and Apigee hybrid generate errors.\u003c/p\u003e\n"],["\u003cp\u003eThe content covers error scenarios for various OAuth flows, including Authorization Code, Generate AccessToken, Implicit, Refresh Token, Verify AccessToken, Get OAuth V2 Info, Set OAuth V2 Info, and Delete OAuth V2 Info.\u003c/p\u003e\n"],["\u003cp\u003eError examples demonstrate issues like invalid or missing client IDs, redirect URIs, response types, grant types, authorization codes, access tokens, and refresh tokens.\u003c/p\u003e\n"],["\u003cp\u003eThe error responses are returned with specific HTTP status codes, such as 400, 401, 403, 404, or 500, and include error codes and descriptions within the response body.\u003c/p\u003e\n"],["\u003cp\u003eThe OAuthV2 policy, GetOAuthv2Info policy, SetOAuth v2 Info policy and DeleteOAuthv2Info policy reference documents should be consulted for further information regarding error names and codes.\u003c/p\u003e\n"]]],[],null,["# OAuth HTTP error response reference\n\n*This page\napplies to **Apigee** and **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\n| **Note:** **This topic is deprecated.** The error names and HTTP response codes associated with the OAuthV2 policies are described in each policy's reference documentation:\n|\n| - [OAuthv2 policy](/apigee/docs/api-platform/reference/policies/oauthv2-policy)\n| - [GetOAuthv2Info policy](/apigee/docs/api-platform/reference/policies/get-oauth-v2-info-policy)\n| - [SetOAuth v2 Info policy](/apigee/docs/api-platform/reference/policies/set-oauth-v2-info-policy)\n| - [DeleteOAuthv2Info policy](/apigee/docs/api-platform/reference/policies/delete-oauth-v2-info)\n\nThis topic provides HTTP status codes you may encounter when\nan OAuth policy throws errors in Apigee.\n\nFor guidance on handling errors, see [Handling faults](/apigee/docs/api-platform/fundamentals/fault-handling).\n\nFor policy-specific error codes, see\n[OAuth v2\npolicy error reference](/apigee/docs/api-platform/reference/policies/oauthv2-policy#errorreference).\n\nAuthorization Code\n------------------\n\n### Invalid Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirection uri http://www.invalid_example.com\"}\n```\n\n### No Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request {\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Redirection URI is required\"}\n```\n\n### Invalid Key\n\n```http\nHTTP/1.1 401 Unauthorized {\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid\"}\n```\n\n### Missing Key\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : client_id\"}\n```\n\n### Invalid Response Type\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Response type must be code\"}\n```\n\n### Missing Response Type\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : response_type\"}\n```\n\nGenerate AccessToken\n--------------------\n\n### Invalid Auth Code\n\n```scdoc\nHTTP status: 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Authorization Code\"}\n```\n\n### No Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : redirect_uri\"}\n```\n\n### Invalid Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirect_uri : oob\"}\n```\n\n### Invalid Client ID when\nGenerateResponse is false\n\nThis error is returned when the `\u003cGenerateResponse\u003e` property is set to\n**false** and the client credentials are invalid. \n\n```text\n{\n \"fault\": {\n \"faultstring\": \"Invalid client identifier {0}\",\n \"detail\": {\n \"errorcode\": \"oauth.v2.InvalidClientIdentifier\"\n }\n }\n}\n```\n\n### Invalid Client ID when\nGenerateResponse is true\n\nThis error is returned when the `\u003cGenerateResponse\u003e` property is set to\n**true** and the client credentials are invalid. \n\n```scdoc\n{\"ErrorCode\" : \"invalid_client\", \"Error\" :\"ClientId is Invalid\"}\n```\n\n### Invalid GrantType\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Unsupported grant type : client_credentials_invalid\"}\n```\n\n### No Username\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : username\"}\n```\n\n### No Password\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : password\"}\n```\n\n### No GrantType (Custom Policy)\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : grant_type\"}\n```\n\n### No AuthCode\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : code\"}\n```\n\nImplicit\n--------\n\n### Invalid Client ID\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid\"}\n```\n\n### No Client ID\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : client_id\"}\n```\n\n### Invalid Response Type\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Response type must be token\"}\n```\n\n### No Response Type\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : response_type\"}\n```\n\n### Invalid Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirection uri http://www.invalid_example.com\"}\n```\n\n### No Redirect URI\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Redirection URI is required\"}\n```\n\nRefresh Token\n-------------\n\n### Invalid RefreshToken\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Refresh Token\"}\n```\n\n### Expired RefreshToken\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Refresh Token expired\"}\n```\n\n### Invalid Scope\n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Scope\"}\n```\n\n### Invalid Client ID when\nGenerateResponse is false\n\nThis error is returned when the GenerateResponse property is set to **false** and\nthe client credentials are invalid. \n\n```text\n{\n \"fault\": {\n \"faultstring\": \"Invalid client identifier {0}\",\n \"detail\": {\n \"errorcode\": \"oauth.v2.InvalidClientIdentifier\"\n }\n }\n}\n```\n\n### Invalid Client ID when\nGenerateResponse is true\n\nThis error is returned when the GenerateResponse property is set to **true** and\nthe client credentials are invalid. \n\n```scdoc\n{\"ErrorCode\" : \"invalid_client\", \"Error\" :\"ClientId is Invalid\"}\n```\n\nVerify AccessToken\n------------------\n\n### Invalid AccessToken\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid Access Token\",\"detail\":{\"errorcode\":\"keymanagement.service.invalid_access_token\"}}}\n```\n\n### Invalid Resource\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"APIResource \\/facebook\\/acer does not exist\",\"detail\":{\"errorcode\":\"keymanagement.service.apiresource_doesnot_exist\"}}}\n```\n\n### Invalid Scope\n\n```http\nHTTP/1.1 403 Forbidden\n{\"fault\":{\"faultstring\":\"Required scope(s) : VerifyAccessToken.scopeSet\",\"detail\":{\"errorcode\":\"steps.oauth.v2.InsufficientScope\"}}}\n```\n\n### No Auth Header\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid access token\",\"detail\":{\"errorcode\":\"oauth.v2.InvalidAccessToken\"}}}\n```\n\n### No match for ApiProduct\n(With Env \\& Proxy Configured)\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid API call as no apiproduct match found\",\"detail\":{\"errorcode\":\"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound\"}}}\n```\n\n### Access token expired\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Access Token expired\",\"detail\":{\"errorcode\":\"keymanagement.service.access_token_expired\"}}}\n```\n\n### Access token revoked\n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Access Token not approved\",\"detail\":{\"errorcode\":\"keymanagement.service.access_token_not_approved\"}}}\n```\n\nGet OAuth V2 Info\n-----------------\n\n### Invalid Refresh Token\n\n```http\nHTTP/1.1 404 Not Found\n{\"fault::{\"detail\":{\"errorcode\":\"keymanagement.service.invalid_refresh_token\"},\"faultstring\":\"Invalid Refresh Token\"}}\n```\n\n### Invalid Access Token\n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Access Token\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_access_token\"\n }\n }\n}\n```\n\n### Expired Access Token\n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Access Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.access_token_expired\"\n }\n }\n}\n```\n\n### Expired Refresh Token\n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Refresh Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.refresh_token_expired\"\n }\n }\n}\n```\n\n### Invalid Client ID\n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Client Id\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_client-invalid_client_id\"\n }\n }\n}\n```\n\n### Invalid Authorization Code\n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Authorization Code\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_request-authorization_code_invalid\"\n }\n }\n}\n```\n\n### Expired Authorization Code\n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Authorization Code expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.authorization_code_expired\"\n }\n }\n}\n```\n\nSet OAuth V2 Info\n-----------------\n\n### Invalid Access Token\n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Access Token\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_access_token\"\n }\n }\n}\n```\n\n### Expired Access Token\n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Access Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.access_token_expired\"\n }\n }\n}\n```\n\nDelete OAuth V2 Info\n--------------------\n\nOn success, the policy returns a 200 status.\n\nOn failure, the policy returns 404 and output similar to the following (depending on whether\nyou are deleting an access token or an auth code): \n\n```http\nHTTP/1.1 404 Not Found\nContent-Type: application/json\nContent-Length: 144\nConnection: keep-alive\n\n{\"fault\":{\"faultstring\":\"Invalid Authorization Code\",\"detail\":{\"errorcode\":\"keymanagement.service.invalid_request-authorization_code_invalid\"}}}\n```"]]
