Hi invalid_grant >
> The provided authorization grant (e.g. authorization code, > resource owner credentials) is invalid, expired, revoked, does > not match the redirection URI used > I would think that the refresh_token is an authorization code that needs refreshing, so this would be valid. On 21 February 2012 15:33, Peter Brindisi <peter.brind...@gmail.com> wrote: > Hi all, > > I am currently implementing version 23 of the oauth2 spec, and I came > across a bit of ambiguity. What is the appropriate error code for an > invalid refresh token? I am unsure whether it should be 'invalid_grant' or > 'invalid_request'. Neither seems 100% clear. > > Thanks in advance! > > Best, > Peter > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
