PingGateway 2024.6


When an OAuth 2.0 authorization operation fails, the error and error description provided by the authorization service are injected into this context for use downstream.

The amount and type of information in the context depends on when a failure occurs.

This context supports OAuth 2.0 error messages in the format given by RFC 6749.


The context is named OAuth2Failure, and is accessible at ${contexts.oauth2Failure}. The context has the following properties:

"error": java.lang.String

The error field name.

"description": java.lang.String

Error description field name.

"exception": org.forgerock.openig.filter.oauth2.client.OAuth2ErrorException

The OAuth 2.0 exception associated with the token exchange error.


For examples that use ${contexts.oauth2Failure.error} and ${contexts.oauth2Failure.description, refer to the routes in OAuth 2.0 token exchange and Discover and dynamically register with OpenID Connect providers.

Copyright © 2010-2024 ForgeRock, all rights reserved.