From 46ac8795984c7f2e9cc360d4732c0c908e866afd Mon Sep 17 00:00:00 2001 From: Johannes Koch <53434855+johakoch@users.noreply.github.com> Date: Wed, 16 Aug 2023 12:17:09 +0200 Subject: [PATCH] JWT AC status codes docu (#765) * adapt documentation of jwt error status codes, see PR #719 * format table --- .../content/2.configuration/7.error-handling.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/website/content/2.configuration/7.error-handling.md b/docs/website/content/2.configuration/7.error-handling.md index 3f1736d58..8f6ce2bf7 100644 --- a/docs/website/content/2.configuration/7.error-handling.md +++ b/docs/website/content/2.configuration/7.error-handling.md 
@@ -39,15 +39,15 @@ The following table documents error types that can be handled in the respective | Type (and super types) | Description | Default handling | |:------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------| -| `access_control` | Access control related errors. | Send error template with status `403`. | +| `access_control` | Access control related errors. | Send error template with status `403`. | | `basic_auth` (`access_control`) | All `basic_auth` related errors, e.g. unknown user or wrong password. | Send error template with status `401` and `WWW-Authenticate: Basic` header. | | `basic_auth_credentials_missing` (`basic_auth`) | Client does not provide any credentials. | Send error template with status `401` and `WWW-Authenticate: Basic` header. | -| `jwt` (`access_control`) | All `jwt` related errors. | Send error template with status `403`. | +| `jwt` (`access_control`) | All `jwt` related errors. | Send error template with status `401`. | | `jwt_token_missing` (`jwt`) | No token provided with configured token source. | Send error template with status `401`. | -| `jwt_token_expired` (`jwt`) | Given token is valid but expired. | Send error template with status `403`. | -| `jwt_token_invalid` (`jwt`) | The token is syntactically not a JWT, or not sufficient, e.g. because required claims are missing or have unexpected values. | Send error template with status `403`. | -| `saml` (or `saml2`) (`access_control`) | All `saml` related errors. | Send error template with status `403`. | -| `oauth2` (`access_control`) | All `beta_oauth2`/`oidc` related errors. | Send error template with status `403`. | +| `jwt_token_expired` (`jwt`) | Given token is valid but expired. | Send error template with status `401`. 
| +| `jwt_token_invalid` (`jwt`) | The token is syntactically not a JWT, or not sufficient, e.g. because required claims are missing or have unexpected values. | Send error template with status `401`. | +| `saml` (or `saml2`) (`access_control`) | All `saml` related errors. | Send error template with status `403`. | +| `oauth2` (`access_control`) | All `beta_oauth2`/`oidc` related errors. | Send error template with status `403`. | ### API error types
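Review bot: The `jwt`, `jwt_token_expired` and `jwt_token_invalid` rows now document status `401`, but unlike the two `basic_auth` rows ("status `401` and `WWW-Authenticate: Basic` header") they do not say whether a `WWW-Authenticate` header accompanies the response. RFC 9110 requires a 401 response to carry a `WWW-Authenticate` challenge, so the "Default handling" cell for these rows, and for the unchanged `jwt_token_missing` row, should state which header is sent or say explicitly that none is. Since the documented default for three types moves from `403` to `401`, a short sentence next to the table naming the change would also help readers whose clients or alerting treat `403` as the signal for a rejected token.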