HTTP/1.1401Unauthorized{"fault":{"faultstring":"APIResource \/facebook\/acer does not exist","detail":{"errorcode":"keymanagement.service.apiresource_doesnot_exist"}}}
Nessuna corrispondenza per ApiProduct
(con ambiente e proxy configurati)
HTTP/1.1401Unauthorized{"fault":{"faultstring":"Invalid API call as no apiproduct match found","detail":{"errorcode":"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound"}}}
In caso di esito positivo, la policy restituisce lo stato 200.
In caso di errore, il criterio restituisce 404 e un output simile al seguente (a seconda che
tu stia eliminando un token di accesso o un codice di autorizzazione):
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema è stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],["Ultimo aggiornamento 2025-09-04 UTC."],[[["\u003cp\u003eThis document details HTTP status codes and error messages encountered when OAuth policies in Apigee and Apigee hybrid generate errors.\u003c/p\u003e\n"],["\u003cp\u003eThe content covers error scenarios for various OAuth flows, including Authorization Code, Generate AccessToken, Implicit, Refresh Token, Verify AccessToken, Get OAuth V2 Info, Set OAuth V2 Info, and Delete OAuth V2 Info.\u003c/p\u003e\n"],["\u003cp\u003eError examples demonstrate issues like invalid or missing client IDs, redirect URIs, response types, grant types, authorization codes, access tokens, and refresh tokens.\u003c/p\u003e\n"],["\u003cp\u003eThe error responses are returned with specific HTTP status codes, such as 400, 401, 403, 404, or 500, and include error codes and descriptions within the response body.\u003c/p\u003e\n"],["\u003cp\u003eThe OAuthV2 policy, GetOAuthv2Info policy, SetOAuth v2 Info policy and DeleteOAuthv2Info policy reference documents should be consulted for further information regarding error names and codes.\u003c/p\u003e\n"]]],[],null,["*This page\napplies to **Apigee** and **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\n| **Note:** **This topic is deprecated.** The error names and HTTP response codes associated with the OAuthV2 policies are described in each policy's reference documentation:\n|\n| - [OAuthv2 policy](/apigee/docs/api-platform/reference/policies/oauthv2-policy)\n| - [GetOAuthv2Info policy](/apigee/docs/api-platform/reference/policies/get-oauth-v2-info-policy)\n| - [SetOAuth v2 Info policy](/apigee/docs/api-platform/reference/policies/set-oauth-v2-info-policy)\n| - [DeleteOAuthv2Info policy](/apigee/docs/api-platform/reference/policies/delete-oauth-v2-info)\n\nThis topic provides HTTP status codes you may encounter when\nan OAuth policy throws errors in Apigee.\n\nFor guidance on handling errors, see [Handling faults](/apigee/docs/api-platform/fundamentals/fault-handling).\n\nFor policy-specific error codes, see\n[OAuth v2\npolicy error reference](/apigee/docs/api-platform/reference/policies/oauthv2-policy#errorreference).\n\nAuthorization Code\n\nInvalid Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirection uri http://www.invalid_example.com\"}\n```\n\nNo Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request {\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Redirection URI is required\"}\n```\n\nInvalid Key \n\n```http\nHTTP/1.1 401 Unauthorized {\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid\"}\n```\n\nMissing Key \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : client_id\"}\n```\n\nInvalid Response Type \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Response type must be code\"}\n```\n\nMissing Response Type \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : response_type\"}\n```\n\nGenerate AccessToken\n\nInvalid Auth Code \n\n```scdoc\nHTTP status: 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Authorization Code\"}\n```\n\nNo Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : redirect_uri\"}\n```\n\nInvalid Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirect_uri : oob\"}\n```\n\nInvalid Client ID when\nGenerateResponse is false\n\nThis error is returned when the `\u003cGenerateResponse\u003e` property is set to\n**false** and the client credentials are invalid. \n\n```text\n{\n \"fault\": {\n \"faultstring\": \"Invalid client identifier {0}\",\n \"detail\": {\n \"errorcode\": \"oauth.v2.InvalidClientIdentifier\"\n }\n }\n}\n```\n\nInvalid Client ID when\nGenerateResponse is true\n\nThis error is returned when the `\u003cGenerateResponse\u003e` property is set to\n**true** and the client credentials are invalid. \n\n```scdoc\n{\"ErrorCode\" : \"invalid_client\", \"Error\" :\"ClientId is Invalid\"}\n```\n\nInvalid GrantType \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Unsupported grant type : client_credentials_invalid\"}\n```\n\nNo Username \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : username\"}\n```\n\nNo Password \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : password\"}\n```\n\nNo GrantType (Custom Policy) \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : grant_type\"}\n```\n\nNo AuthCode \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Required param : code\"}\n```\n\nImplicit\n\nInvalid Client ID \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid client id : AVD7ztXReEYyjpLFkkPiZpLEjeF2aYAz. ClientId is Invalid\"}\n```\n\nNo Client ID \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : client_id\"}\n```\n\nInvalid Response Type \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Response type must be token\"}\n```\n\nNo Response Type \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"The request is missing a required parameter : response_type\"}\n```\n\nInvalid Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid redirection uri http://www.invalid_example.com\"}\n```\n\nNo Redirect URI \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Redirection URI is required\"}\n```\n\nRefresh Token\n\nInvalid RefreshToken \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Refresh Token\"}\n```\n\nExpired RefreshToken \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Refresh Token expired\"}\n```\n\nInvalid Scope \n\n```http\nHTTP/1.1 400 Bad Request\n{\"ErrorCode\" : \"invalid_request\", \"Error\" :\"Invalid Scope\"}\n```\n\nInvalid Client ID when\nGenerateResponse is false\n\nThis error is returned when the GenerateResponse property is set to **false** and\nthe client credentials are invalid. \n\n```text\n{\n \"fault\": {\n \"faultstring\": \"Invalid client identifier {0}\",\n \"detail\": {\n \"errorcode\": \"oauth.v2.InvalidClientIdentifier\"\n }\n }\n}\n```\n\nInvalid Client ID when\nGenerateResponse is true\n\nThis error is returned when the GenerateResponse property is set to **true** and\nthe client credentials are invalid. \n\n```scdoc\n{\"ErrorCode\" : \"invalid_client\", \"Error\" :\"ClientId is Invalid\"}\n```\n\nVerify AccessToken\n\nInvalid AccessToken \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid Access Token\",\"detail\":{\"errorcode\":\"keymanagement.service.invalid_access_token\"}}}\n```\n\nInvalid Resource \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"APIResource \\/facebook\\/acer does not exist\",\"detail\":{\"errorcode\":\"keymanagement.service.apiresource_doesnot_exist\"}}}\n```\n\nInvalid Scope \n\n```http\nHTTP/1.1 403 Forbidden\n{\"fault\":{\"faultstring\":\"Required scope(s) : VerifyAccessToken.scopeSet\",\"detail\":{\"errorcode\":\"steps.oauth.v2.InsufficientScope\"}}}\n```\n\nNo Auth Header \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid access token\",\"detail\":{\"errorcode\":\"oauth.v2.InvalidAccessToken\"}}}\n```\n\nNo match for ApiProduct\n(With Env \\& Proxy Configured) \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Invalid API call as no apiproduct match found\",\"detail\":{\"errorcode\":\"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound\"}}}\n```\n\nAccess token expired \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Access Token expired\",\"detail\":{\"errorcode\":\"keymanagement.service.access_token_expired\"}}}\n```\n\nAccess token revoked \n\n```http\nHTTP/1.1 401 Unauthorized\n{\"fault\":{\"faultstring\":\"Access Token not approved\",\"detail\":{\"errorcode\":\"keymanagement.service.access_token_not_approved\"}}}\n```\n\nGet OAuth V2 Info\n\nInvalid Refresh Token \n\n```http\nHTTP/1.1 404 Not Found\n{\"fault::{\"detail\":{\"errorcode\":\"keymanagement.service.invalid_refresh_token\"},\"faultstring\":\"Invalid Refresh Token\"}}\n```\n\nInvalid Access Token \n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Access Token\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_access_token\"\n }\n }\n}\n```\n\nExpired Access Token \n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Access Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.access_token_expired\"\n }\n }\n}\n```\n\nExpired Refresh Token \n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Refresh Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.refresh_token_expired\"\n }\n }\n}\n```\n\nInvalid Client ID \n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Client Id\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_client-invalid_client_id\"\n }\n }\n}\n```\n\nInvalid Authorization Code \n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Authorization Code\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_request-authorization_code_invalid\"\n }\n }\n}\n```\n\nExpired Authorization Code \n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Authorization Code expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.authorization_code_expired\"\n }\n }\n}\n```\n\nSet OAuth V2 Info\n\nInvalid Access Token \n\n```http\nHTTP/1.1 404 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Invalid Access Token\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.invalid_access_token\"\n }\n }\n}\n```\n\nExpired Access Token \n\n```http\nHTTP/1.1 500 Not Found\n{\n \"fault\": {\n \"faultstring\": \"Access Token expired\",\n \"detail\": {\n \"errorcode\": \"keymanagement.service.access_token_expired\"\n }\n }\n}\n```\n\nDelete OAuth V2 Info\n\nOn success, the policy returns a 200 status.\n\nOn failure, the policy returns 404 and output similar to the following (depending on whether\nyou are deleting an access token or an auth code): \n\n```http\nHTTP/1.1 404 Not Found\nContent-Type: application/json\nContent-Length: 144\nConnection: keep-alive\n\n{\"fault\":{\"faultstring\":\"Invalid Authorization Code\",\"detail\":{\"errorcode\":\"keymanagement.service.invalid_request-authorization_code_invalid\"}}}\n```"]]
