According
tohttps://www.oauth.com/oauth2-servers/access-tokens/access-token-response/
Error responses are returned with an HTTP 400 status code (unless
specified otherwise), with error and error_description parameters. The
error parameter will always be one of the values listed below.
* invalid_request
* invalid_client
* invalid_grant
* invalid_scope
* unauthorized_client
* unsupported_grant_type
Can I have custom error like "invalid_captcha" or "captcha_required"?
I want , if some one send wrong credentials for 3 times , I send
"captcha_required" error and for next time must send valid captcha code
My question is:
1. Is it allowed to define custom error codes in OAuth ?
2. Is there alternative way to solve my problem?
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth