Standard Error Responses

The Login 3.0 API may return the following HTTP Status Codes:

Status	JSON Response
400 Bad Request	{"error": "invalid_request", "error_description": "..."}
401 Unauthorized	{"error": "invalid_client", "error_description": "..."}
401 Unauthorized	{"error": "requires_validation", "error_description": "Suspicious request requires verification"}
403 Forbidden	{"error": "unauthorized_client", "error_description": "..."}
403 Forbidden	{"error": "access_denied", "error_description": "..."}
403 Forbidden	{"error": "access_denied", "error_description": "Unknown or invalid refresh token"}
403 Forbidden	{"error": "invalid_grant", "error_description": "..."}
404 Not Found	{"error": "endpoint_disabled", "error_description": "..."}
405 Method Not Allowed	{"error": "method_not_allowed", "error_description": "..."}
429 Too Many Requests	{"error": "too_many_requests", "error_description": "..."}
500 Internal Server Error
501 Not Implemented	{"error": "unsupported_response_type", "error_description": "..."}
501 Not Implemented	{"error": "unsupported_grant_type", "error_description": "..."}
503 Service Unavailable	{"error": "temporarily_unavailable", "error_description": "..."}

---

Notes

• Error Descriptions: Error descriptions provide more context about the issue to help with troubleshooting.

• Rate Limiting: If you encounter a 429 Too Many Requests response, your application should respect the rate limits and retry after the specified time.