> ## Documentation Index
> Fetch the complete documentation index at: https://www.text.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication errors

> OAuth error codes returned by the Text authorization server, their meanings, and possible causes.

All authorization errors redirect to `https://accounts.livechat.com/ooops`, while authentication errors redirect to `https://accounts.livechat.com/`.

Error codes are returned in the query string as the `oauth_exception` parameter (for authorization errors) or `identity_exception` parameter (for authentication errors). An additional `exception_details` parameter may be included with more specific information.

## Authorization errors

### `invalid_request`

The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Possible reasons:

* wrong HTTP method
* invalid HTTP body encoding

### `unauthorized_client`

The client is not authorized to request a token using this method. Possible reasons:

* missing client ID
* client ID not found
* refresh token not found
* invalid client secret
* invalid redirect URI

### `access_denied`

The resource owner or authorization server denied the request. Possible reasons:

* the requested scopes include a scope that wasn't originally granted by the resource owner

Not helpful? See [`access_denied`](#access_denied-1) in Authentication errors.

### `unsupported_response_type`

The authorization server does not support obtaining a token using this method. Possible reasons:

* response type is not `code` or `token`

### `invalid_scope`

The requested scope is invalid, insufficient, unknown, or malformed. Possible reasons:

* scope not found
* scope name not found
* an app requires `administrator` scopes, but an `agent` user was logged in

### `server_error`

The authorization server encountered an unexpected condition that prevented it from fulfilling the request. Possible reasons:

* server down
* server storage down

Not helpful? See [`server_error`](#server_error-1) in Authentication errors.

### `temporarily_unavailable`

The authorization server is currently unable to handle the request due to a temporary overload or maintenance. Currently not used.

### `unsupported_grant_type`

The authorization grant type is not supported by the authorization server.

* using a disabled authorization grant type, for example client credentials grant; <a href="https://tools.ietf.org/html/rfc6749#section-4.4" target="_blank" rel="noopener noreferrer">read more</a>

### `invalid_grant`

The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI, or was issued to another client. Possible reasons:

* refresh token expired
* access token expired

### `invalid_client`

Client authentication failed. Possible reasons:

* using a refresh token with the wrong client ID

### `missing_grant`

The client is missing granted rights. Possible reasons:

* grants were rejected
* grants were never given
* client changed required grants

### Exception details

`client_id_not_found` — wrong client ID; the client ID does not exist

`redirect_uri_not_set` — client misconfiguration; the client has not set a redirect URI

`invalid_redirect_uri` — redirect URI is not one of the client's allowed redirects

`too_many_redirects` — the server detected a redirect loop; the client is redirecting too many times

## Authentication errors

### `invalid_request`

The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.

Not helpful? See [`invalid_request`](#invalid_request) in Authorization errors.

### `unauthorized`

The request is valid, but the identity data is wrong or the identity does not exist. If the identity ID is known, it is added to the query string as `entity_id`.

### `server_error`

The server encountered an unexpected condition that prevented it from determining the identity.

Not helpful? See [`server_error`](#server_error) in Authorization errors.

### `access_denied`

The identity is known, but access is denied for business reasons — for example, the identity is banned or has the wrong account version.

Not helpful? See [`access_denied`](#access_denied) in Authorization errors.

### `identity_lost`

The identity was removed due to logout, password reset, or remote logout.

### `credentials_login_disabled`

The identity has disabled the credentials login strategy. The identity should be verified with another strategy such as Google OAuth or SAML.
