Skip to main content
All authorization errors redirect to https://accounts.livechat.com/ooops, while authentication errors redirect to https://accounts.livechat.com/. Error codes are returned in the query string as the oauth_exception parameter (for authorization errors) or identity_exception parameter (for authentication errors). An additional exception_details parameter may be included with more specific information.

Authorization errors

invalid_request

The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Possible reasons:
  • wrong HTTP method
  • invalid HTTP body encoding

unauthorized_client

The client is not authorized to request a token using this method. Possible reasons:
  • missing client ID
  • client ID not found
  • refresh token not found
  • invalid client secret
  • invalid redirect URI

access_denied

The resource owner or authorization server denied the request. Possible reasons:
  • the requested scopes include a scope that wasn’t originally granted by the resource owner
Not helpful? See access_denied in Authentication errors.

unsupported_response_type

The authorization server does not support obtaining a token using this method. Possible reasons:
  • response type is not code or token

invalid_scope

The requested scope is invalid, insufficient, unknown, or malformed. Possible reasons:
  • scope not found
  • scope name not found
  • an app requires administrator scopes, but an agent user was logged in

server_error

The authorization server encountered an unexpected condition that prevented it from fulfilling the request. Possible reasons:
  • server down
  • server storage down
Not helpful? See server_error in Authentication errors.

temporarily_unavailable

The authorization server is currently unable to handle the request due to a temporary overload or maintenance. Currently not used.

unsupported_grant_type

The authorization grant type is not supported by the authorization server.
  • using a disabled authorization grant type, for example client credentials grant; read more

invalid_grant

The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI, or was issued to another client. Possible reasons:
  • refresh token expired
  • access token expired

invalid_client

Client authentication failed. Possible reasons:
  • using a refresh token with the wrong client ID

missing_grant

The client is missing granted rights. Possible reasons:
  • grants were rejected
  • grants were never given
  • client changed required grants

Exception details

client_id_not_found — wrong client ID; the client ID does not exist redirect_uri_not_set — client misconfiguration; the client has not set a redirect URI invalid_redirect_uri — redirect URI is not one of the client’s allowed redirects too_many_redirects — the server detected a redirect loop; the client is redirecting too many times

Authentication errors

invalid_request

The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Not helpful? See invalid_request in Authorization errors.

unauthorized

The request is valid, but the identity data is wrong or the identity does not exist. If the identity ID is known, it is added to the query string as entity_id.

server_error

The server encountered an unexpected condition that prevented it from determining the identity. Not helpful? See server_error in Authorization errors.

access_denied

The identity is known, but access is denied for business reasons — for example, the identity is banned or has the wrong account version. Not helpful? See access_denied in Authorization errors.

identity_lost

The identity was removed due to logout, password reset, or remote logout.

credentials_login_disabled

The identity has disabled the credentials login strategy. The identity should be verified with another strategy such as Google OAuth or SAML.