Skip to content

Commit

Permalink
JWT AC status codes docu (#765)
Browse files Browse the repository at this point in the history 
* adapt documentation of jwt error status codes, see PR #719

* format table
  • Loading branch information
@johakoch
johakoch authored Aug 16, 2023
1 parent 8152b0d commit 46ac879
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions docs/website/content/2.configuration/7.error-handling.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,15 +39,15 @@ The following table documents error types that can be handled in the respective

| Type (and super types) | Description | Default handling |
|:------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------|
| `access_control` | Access control related errors. | Send error template with status `403`. |
| `access_control` | Access control related errors. | Send error template with status `403`. |
| `basic_auth` (`access_control`) | All `basic_auth` related errors, e.g. unknown user or wrong password. | Send error template with status `401` and `WWW-Authenticate: Basic` header. |
| `basic_auth_credentials_missing` (`basic_auth`) | Client does not provide any credentials. | Send error template with status `401` and `WWW-Authenticate: Basic` header. |
| `jwt` (`access_control`) | All `jwt` related errors. | Send error template with status `403`. |
| `jwt` (`access_control`) | All `jwt` related errors. | Send error template with status `401`. |
| `jwt_token_missing` (`jwt`) | No token provided with configured token source. | Send error template with status `401`. |
| `jwt_token_expired` (`jwt`) | Given token is valid but expired. | Send error template with status `403`. |
| `jwt_token_invalid` (`jwt`) | The token is syntactically not a JWT, or not sufficient, e.g. because required claims are missing or have unexpected values. | Send error template with status `403`. |
| `saml` (or `saml2`) (`access_control`) | All `saml` related errors. | Send error template with status `403`. |
| `oauth2` (`access_control`) | All `beta_oauth2`/`oidc` related errors. | Send error template with status `403`. |
| `jwt_token_expired` (`jwt`) | Given token is valid but expired. | Send error template with status `401`. |
| `jwt_token_invalid` (`jwt`) | The token is syntactically not a JWT, or not sufficient, e.g. because required claims are missing or have unexpected values. | Send error template with status `401`. |
| `saml` (or `saml2`) (`access_control`) | All `saml` related errors. | Send error template with status `403`. |
| `oauth2` (`access_control`) | All `beta_oauth2`/`oidc` related errors. | Send error template with status `403`. |

### API error types

Expand Down

0 comments on commit 46ac879

Please sign in to comment.