1. Oracle Eloqua REST APIREST API for Oracle Eloqua Marketing Cloud Service
  2. Authentication
  3. Responses: Authorization Code Grant Request

Responses: Authorization Code Grant Request

Acceptance

If the user accepts your App's request to access Eloqua on their behalf, their user agent is eventually redirected to your app's redirection endpoint with an authorization code in the code URL parameter, as in the following example authorization dialog:

Location: https://client.example.com/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz

Rejection

If the user rejects your app's request to access Eloqua on their behalf, their user agent is eventually redirected to your App's registered redirection endpoint with the error access_denied in the error URL parameter, as in the following: 

Location: https://client.example.com/cb?error=access_denied&state=xyz

Failure Before client_id or redirect_url Validation

If a failure occurs before the supplied client_id or redirect_uri are validated, we can't safely redirect the user agent back to the redirect URI to report the failure, and so we return the details of the failure in the body of the response.

Missing client_id


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 200 OK
Content-Type: text/html

The "client_id" parameter is required.

Unknown client_id


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=00000000000000000000000000000000&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 200 OK
Content-Type: text/html

The "client_id" value is not a known client identifier.

Malformed client_id


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code
&client_id=malformed&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 200 OK
Content-Type: text/html

The "client_id" value is not a valid client identifier.

Mismatched redirect_uri


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2attacker.com%2fapp&scope=full&state=xyzHTTP/1.1 200 OK

Content-Type: text/html
The "redirect_uri" value doesn't start with the client redirect URI.

Missing client_uri


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=http%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 200 OK
Content-Type: text/html

The "redirect_uri" value is not an HTTPS URI.

redirect_uri with fragment 


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp%23fragment&scope=full&state=xyz

HTTP/1.1 200 OK
Content-Type: text/html

The "redirect_uri" value has a fragment.

Failure After client_id or redirect_uri Validation

If a failure occurs after the client_id and redirect_uri have been validated, Eloqua can safely redirect user agent back to the redirect URI to report the failure. In this case, the Authorization Dialog returns the details of the failure in the error and error_description URL parameters.

Internal server error


HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=server_error&error_description=The+server+encountered+an+unexpected+condition+that+prevented+it+from+fulfilling+the+request.&state=xyz

Missing response_type


GET https://login.eloqua.com/auth/oauth2/authorize?client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_request&error_description=The+%22response_type%22+parameter+is+required.&state=xyz

Unknown response_type


GET https://login.eloqua.com/auth/oauth2/authorize?client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=full&state=xyz

HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_request&error_description=The+%22response_type%22+parameter+is+required.&state=xyz

Unknown scope


GET https://login.eloqua.com/auth/oauth2/authorize?response_type=code
&client_id=s6BhdRkqt3&redirect_uri=https%3a%2f%2fclient.example.com%2fapp&scope=unknown&state=xyz

HTTP/1.1 302 Found
Location: https://client.example.com/cb?error=invalid_scope&error_description=The+%22scope%22+parameter+must+be+either+%22full%22+or+not+supplied.&state=xyz