Querystring (URL)

client_id

string

Påkrevd

request_uri

string

request_uri returnert til klienten fra /par-endepunktet

• Dersom “response_mode” i kallet til /Authorize ikke var med: Som querrie parametere i redirect-URL

• Dersom “response_mode” i kallet til /Authorize var “form_post”: Redirect via Post og Content-type: application/x-www-form-urlencoded

code

string

Autorisasjonskode som må benyttes for å etterpå få Token i /Token.

state

string

• state-parameter som ble sendt inn til /par-endepunktet

• Under utfasing PAR ikke benyttet: state-parameter som ble sendt inn til /Authorize-endepunktet

Body hvis response_mode=form_post, Querystring hvis response_mode=query

error

string

Sendes med: Ja

error_description

string

Sendes med: Ja

state

Sendes med: Ja, oppgitt state parameter fra steg 3

400

invalid_request

The request is missing a required parameter, includes an
unsupported parameter value (other than grant type),
repeats a parameter, includes multiple credentials,
utilizes more than one mechanism for authenticating the
client, or is otherwise malformed

400

invalid_client

Client authentication failed (e.g., unknown client, no
client authentication included, or unsupported
authentication method). The authorization server MAY
return an HTTP 401 (Unauthorized) status code to indicate
which HTTP authentication schemes are supported. If the
client attempted to authenticate via the "Authorization"
request header field, the authorization server MUST
respond with an HTTP 401 (Unauthorized) status code and
include the "WWW-Authenticate" response header field
matching the authentication scheme used by the client.

400

unauthorized_client

The authenticated client is not authorized to use this
authorization grant type.

503

temporarily_unavailable

The authorization server is currently unable to handle
the request due to a temporary overloading or maintenance
of the server.