RESTlets and REST Web Services Error Messages in the Login Audit Trail

The following table lists errors that are visible in the Detail column of the Login Audit Trail Results.

Problem	RESTlets/REST Web Services	Resolution
The access token is expired.	AccessTokenExpired	Use the refresh token to get a new access token. If the refresh token is expired, initiate the authorization code grant flow to get a new pair of tokens. For more information, see OAuth 2.0 Authorization Code Grant Flow.
At least one of the following is invalid: Entity Contact Role	EntityOrRoleDisabled	Verify that the entity, contact, or role exists in the account.
The signature is invalid.	InvalidSignature	Ensure that you use the correct public key for token validation. For more information, see OAuth 2.0 Access and Refresh Token Structure. Warning: Invalidity of issuer or signature may be caused by cross-site request forgery (CSFR) attacks. To ensure that your application is safe, follow the OAuth 2.0 specification. For more information, see RFC6749 Section 10.12.
Login attempted with a refresh token.	TokenRejected	Ensure that the application uses the access token for access and the refresh token for the refresh token POST request. For more information, see Refresh Token POST Request to the Token Endpoint.
The integration application ID is invalid.	InvalidIntegration	Verify that the corresponding integration record exists in the account.
The integration application has empty scope or the scope in the token does not match the scope in the integration record.	ScopeMismatched	Ensure that the RESTlets or REST Web Services box is checked in the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.
The integration application does not use OAuth 2.0.	AuthorizationCodeGrantRequired	Ensure that the Authorization Code Grant box is checked in the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.
The scope value is empty in the token.	InvalidScope	Ensure that the structure of the access token is correct. For more information, see OAuth 2.0 Access and Refresh Token Structure.
Role or entity is inactive.	EntityOrRoleDisabled	Verify that the entity or role is active in the account.
The OAuth 2.0 feature is not enabled in the account.	FeatureDisabled	See Enable the OAuth 2.0 Feature.
The integration record is blocked.	IntegrationBlocked	Ensure that the value of the State field is set to Enabled on the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.

Problem

RESTlets/REST Web Services

Resolution

The access token is expired.

AccessTokenExpired

Use the refresh token to get a new access token. If the refresh token is expired, initiate the authorization code grant flow to get a new pair of tokens. For more information, see OAuth 2.0 Authorization Code Grant Flow.

At least one of the following is invalid:

Entity
Contact
Role

EntityOrRoleDisabled

Verify that the entity, contact, or role exists in the account.

The signature is invalid.

InvalidSignature

Ensure that you use the correct public key for token validation. For more information, see OAuth 2.0 Access and Refresh Token Structure.

Warning:

Invalidity of issuer or signature may be caused by cross-site request forgery (CSFR) attacks. To ensure that your application is safe, follow the OAuth 2.0 specification. For more information, see RFC6749 Section 10.12.

TokenRejected

Ensure that the application uses the access token for access and the refresh token for the refresh token POST request. For more information, see Refresh Token POST Request to the Token Endpoint.

The integration application ID is invalid.

InvalidIntegration

Verify that the corresponding integration record exists in the account.

The integration application has empty scope or the scope in the token does not match the scope in the integration record.

ScopeMismatched

Ensure that the RESTlets or REST Web Services box is checked in the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.

The integration application does not use OAuth 2.0.

AuthorizationCodeGrantRequired

Ensure that the Authorization Code Grant box is checked in the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.

The scope value is empty in the token.

InvalidScope

Ensure that the structure of the access token is correct. For more information, see OAuth 2.0 Access and Refresh Token Structure.

Role or entity is inactive.

EntityOrRoleDisabled

Verify that the entity or role is active in the account.

The OAuth 2.0 feature is not enabled in the account.

FeatureDisabled

See Enable the OAuth 2.0 Feature.

The integration record is blocked.

IntegrationBlocked

Ensure that the value of the State field is set to Enabled on the corresponding integration record. For more information, see Create Integration Records for Applications to Use OAuth 2.0.

Related Topics