Facebook Api Error Http Status Code 400
Contents |
Dropbox Business Blog Dropbox Tech Blog Drop Everything (Australia) Drop Everything (UK) Dropbox Business Blog France How many HTTP status codes should your APIuse? Steve Marx April 1, 2015 0 0 413 There are a lot of HTTP status http status code 400 . verify that the exchange mailbox server is working correctly codes. At the time of this writing, Wikipedia lists 75 different status codes, most of
Http Status Code 400 Returned By The Server
which you've probably never encountered. Many of us have heard of the tongue-in-cheek "418 I'm a teapot," but very few are familiar
Http Status Code 400 Reason Request Uri Is Too Long
with these: 205 Reset Content 300 Multiple Choices 419 Authentication Timeout 450 Blocked by Windows Parental Controls Most API providers stick to a rather small set of status codes, which they list in their documentation. Facebook's
Http Status Code 404
Graph API takes this to the extreme; it only returns a single status code: 200 (OK). A client can determine whether an error occurred by examining the JSON-encoded response body. The Twitter API documents 15 status codes. Our own Dropbox API lists 8 specific status codes for error conditions. What's the right approach? Is it better to use more status codes or fewer status codes? The value of HTTP status codes There are 16 http status code 403 status codes defined in RFC1945 (the HTTP 1.0 specification). These status codes were motivated by pragmatism. Web browsers are generic, in that they can be used to talk to any web server. That means both the web browser and web server need to conform to a known interface, and this interface includes a variety of error conditions. For example, web browsers need to know when to prompt a user for credentials, and that's why we have status code 401 (Unauthorized). Newer status codes serve similar purposes. For example, 206 (Partial Content) exists to let a browser know that its range retrieval request was actually fulfilled, so it should treat the content as such. (In contrast, a 200 status code would indicate that the server actually returned the full content.) The value to a web browser of a standard set of status codes is that the browser can automatically—without any foreknowledge of the specific web server it's talking to—take the right action. Over the decades, this value has extended to things that aren't exactly web browsers. For example, a caching proxy server uses conditional GET requests and relies on an understanding of status code 304 (Not Modified) to know when it's safe to use the cached value. Are API clients web browsers? To get back to the titular qu
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack http status code 411 Overflow the company Business Learn more about hiring developers or posting ads with us http status code 500 Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a what does error 400 mean community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Is 400 the appropriate error code for OAuth verification errors (http)? up vote 1 down vote https://blogs.dropbox.com/developers/2015/04/how-many-http-status-codes-should-your-api-use/ favorite 1 Hi guys : What should the correct http response code be for an request which, although well-formed, is includes an invalid oauth token ? The error code 400 seems misleading, since an invalid oauth is, I believe, not malformed request. Strangely, it is the case that facebook oauth tokens (if invalid), cause an api return of result in the return if a 400 response code.... http facebook-graph-api oauth response http://stackoverflow.com/questions/8702622/is-400-the-appropriate-error-code-for-oauth-verification-errors-http share|improve this question edited Jan 2 '12 at 19:14 asked Jan 2 '12 at 15:38 jayunit100 9,130850106 Define "invalid oauth". Using a wrong/missing client or scope could as well be considered a malformed request (however above HTTP level). –eckes Dec 22 '13 at 0:18 add a comment| 2 Answers 2 active oldest votes up vote 3 down vote accepted Correct. 401 Unauthorized should be the primary choice for response status code in your example. EDIT: I spent some time browsing the OAuth2 draft, and it looks like they specify the following when client authentication fails: normally MUST respond with 400 Bad Request, but MAY respond with 401 Unauthorized, and MUST respond with 401 Unauthorized if authentication was attempted using the Authorization request header. If so it must also include a WWW-Authenticate in the response. share|improve this answer edited Jan 3 '12 at 11:10 answered Jan 2 '12 at 19:22 Jon Nylander 5,47332037 Hmmm... any thoughts on why facebook implements a 400 return on bad oauths ? –jayunit100 Jan 2 '12 at 22:20 Well, having implemented an OAuth provider myself, I can only say that I didn't think it was trivial to get all the response codes right. I had to refactor quite a bit t
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss http://stackoverflow.com/questions/10478812/facebook-graph-api-error-code-list the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack https://github.com/intridea/oauth2/issues/34 Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping http status each other. Join them; it only takes a minute: Sign up Facebook Graph API error code list up vote 28 down vote favorite 9 Where can I find the official Graph API Error Code list? I have been used Graph API for half year, and in the past 6 months, the error code's format has been changed twice! http status code The first time I saw the error code, it looks like: { "error": { "message": "Error invalidating access token: The session has been invalidated because the user has changed the password.", "type": "OAuthException", } } It's really stranger, the error message didn't provide any error code! And then several months later, the "expected" error code was introduced. { "error": { "message": "Error invalidating access token: The session has been invalidated because the user has changed the password.", "type": "OAuthException", "code": 190, } } But sadly, you still cannot distinguish what the error exactly is by checking the "code", since many errors with the same "type" have the same "code". Just now, I found the error message contains new field: { "error": { "message": "Error invalidating access token: The session has been invalidated because the user has changed the password.", "type": "OAuthException", "code": 190, "error_subcode": 460 } } OK, it's just what I need. But where can I find the error code list? I knew there is FQL error code list, http://fbdevw
Sign in Pricing Blog Support Search GitHub This repository Watch 31 Star 1,567 Fork 417 intridea/oauth2 Code Issues 73 Pull requests 39 Projects 0 Wiki Pulse Graphs New issue Getting "OAuth2::HTTPError: Received HTTP 400 during request" occassionaly. #34 Open mongrelion opened this Issue Feb 25, 2011 · 21 comments Projects None yet Labels None yet Milestone No milestone Assignees No one assigned 10 participants mongrelion commented Feb 25, 2011 Hi there o/ I'm using your library for a very light login system using Facebook Connect. Here's the deal: Sometimes I get an HTTP 400 and it's kinda hard to figure out why this is happening. I've been walking through the OAuth2 library code, looking for the exception that is been thrown, finding this https://github.com/intridea/oauth2/blob/master/lib/oauth2/client.rb#L80 In the end, is not crystal clear to me why I'm getting this response from the server, and maybe the URL that your library is sending to it, is not well formed, I don't know. Has this ever happened to you? I hope you can help me. Regards, Carlos. nileshbetter commented Mar 4, 2011 I am facing the same issue. Anybody was able to solve this: "OAuth2 HttpError Received HTTP 400 during request" ? Any clues/pointers? rjspotter commented Apr 13, 2011 +1 except I'm getting it on every request. I'm using Oauth2 as part of Omniauth. rjspotter commented Apr 13, 2011 Here's what I've discovered: if you pass the code get attribute as part of your callback url (as omniauth was doing) FB will 400 on you. For now I'm just making sure that all get parameters are stripped off before passing the url to Oauth2. I may create a patch once I see what the spec has to say about the issue. matthiasjakel commented Apr 28, 2011 I had the same problem. I had to add :access_token_method => :post to my new client instance. OAuth2::Client.new( APP_ID, APP_SECRET, { :access_token_method => :post, :authorize_path => '/oauth2/authorize', :access_token_path => '/oauth2/access_token', parse_json: true, :site => PROVIDER_URL }) kwhitaker comm