Responses: Authorization Code Grant Request
Acceptance
If the user accepts your App's request to access Eloqua on their behalf, their user agent is eventually redirected to your app's redirection endpoint with an authorization code in the code URL parameter, as in the following example authorization dialog:
Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz
Rejection
If the user rejects your app's request to access Eloqua on their behalf, their user agent is eventually redirected to your App's registered redirection endpoint with the error access_denied
in the error
URL parameter, as in the following:
Location: https://client.example.com/cb?error=access_denied&state=xyz
Failure Before client_id
or redirect_url
Validation
If a failure occurs before the supplied client_id
or redirect_uri
are validated, we can't safely redirect the user agent back to the redirect URI to report the failure, and so we return the details of the failure in the body of the response.
Missing client_id
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 200 OK
Content-Type: text/html
The "client_id" parameter is required.
Unknown client_id
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=00000000000000000000000000000000&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 200 OK
Content-Type: text/html
The "client_id" value is not a known client identifier.
Malformed client_id
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code
&client_id=malformed&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 200 OK
Content-Type: text/html
The "client_id" value is not a valid client identifier.
Mismatched redirect_uri
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2attacker.com%2fapp&scope=full&state=xyzHTTP/1.1 200 OK
Content-Type: text/html
The "redirect_uri" value doesn't start with the client redirect URI.
Missing client_uri
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=http%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 200 OK
Content-Type: text/html
The "redirect_uri" value is not an HTTPS URI.
redirect_uri
with fragment
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp%23fragment&scope=full&state=xyz
HTTP/1.1 200 OK
Content-Type: text/html
The "redirect_uri" value has a fragment.
Failure After client_id
or redirect_uri
Validation
If a failure occurs after the client_id
and redirect_uri
have been validated, Eloqua can safely redirect user agent back to the redirect URI to report the failure. In this case, the Authorization Dialog returns the details of the failure in the error
and error_description
URL parameters.
Internal server error
HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=server_error&error_description=The+server+encountered+an+unexpected+condition+that+prevented+it+from+fulfilling+the+request.&state=xyz
Missing response_type
GET https://login.eloqua.com/auth/oauth2/authorize?client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_request&error_description=The+%22response_type%22+parameter+is+required.&state=xyz
Unknown response_type
GET https://login.eloqua.com/auth/oauth2/authorize?client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz
HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_request&error_description=The+%22response_type%22+parameter+is+required.&state=xyz
Unknown scope
GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code
&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=unknown&state=xyz
HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_scope&error_description=The+%22scope%22+parameter+must+be+either+%22full%22+or+not+supplied.&state=xyz