Errors returned to the OIDC client

Open Revsgaard opened this issue 11 months ago • 1 comments

Return more errors and error information to the OIDC client without compromising security.

login_timeput
login_canceled
certificate experation
etc.

Add a list for possible errors send to the OIDC client. Example of error list from Azure https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow#error-response

Feb 18 '25 11:02 Revsgaard

error_description could provide additional information

if possible, distinguish between type of errors (and possible remediation); is the error due to end user provided info, IdP error, configuration error etc, whatever to help the end user (action could be taken; refresh page, try to login again or there's nothing to do; cert has expired, contact IdP/home organization etc)

Feb 18 '25 11:02 ErikAndreas