Common OAuth errors and solutions

What are the common OAuth errors and how to solve them?

While configuring OAuth,  here are a few errors that you might face. They are:


Invalid Redirect URI


While working on a web based client, you have to ensure that the redirect URI passed while authentication, is the same as the one given during registration. If the redirect uri is not the one given during registration, an invalid redirect uri error will be thrown. 


The redirect URI for Site24x7 is:  


For example: A user is working on a web based client and has given as the Redirect URI. 


But the Redirect URI provided during authentication is a different one. 


In this case, as the Redirect URI added during registration is different from the one provided later, an Invalid redirect uri error will be raised.

Invalid_redirect URI will also be thrown when self client app's client_id is used in web based apps authentication flow.



Invalid Code

For Self client, If you receive an invalid code while generating Refresh token, check whether the Grant Token has expired. If the Grant Token is expired, try to  generate a new Grant token and try again. For more details read our  API documentation.  

Invalid code will also be thrown, when web-based app's client_id is used to obtain refresh_token.  

OAuth Scope associated to the OAuth Access Token is disallowed. 


When the action you are trying to perform is not provisioned within the Scope that you have opted for during Grant token generation, an error message will be raised: "OAuth Scope associated to the OAuth Access Token is disallowed". Then you will have to verify the scopes again in the  API Help doc .


If the API doc you are trying to access is not available in the help doc, please check if you can achieve the same result by using a different API, if not please contact .

Invalid Client

If the error raised is Invalid client, then it may be due to two reasons:

  1.The client_id that is being passed is invalid. Please verify the client_id once again in

  2.It is possible that  you are not making the request to the correct Data Center. 

For example:

If you have registered your app in (EU domain) and you try to get the code from  (COM domain), an invalid_client error will be raised.




    • Related Articles

    • OAuth token Generation

      Create a Slack app. Select the workspace that you need to access using Slack Web API. Navigate to Permission and configure the Workspace URL in Redirect URL. Navigate to Scopes and add the below scopes to User Token Scopes:          users:read ...
    • How to exclude HTTP errors from monitoring

      Common HTTP errors can be ignored from being tracked to reduce the noise in your monitoring environment. To ignore such HTTP errors, please follow the instructions given below. Log into your Site24x7 account>APM Insight Your application> Edit  agent ...
    • Common HTTP response codes and their definitions

      HTTP Error Codes: Error codes will help you identify the reason why your website is reported 'down' by Site24x7. Below table gives a fair idea about different HTTP error codes, corresponding reason and World Wide Web Consortium definitions for each ...
    • Postman configuration for authorizing Site24x7 requests

      For configuring Postman to use OAuth 2.0 authorizations, you will need a Client ID and Client Secret of a server-based client. If you already have one, you can skip Part I and directly move to Part II; else follow the steps below: Part I: Creating ...
    • How can my MSP end customer access the rebranded customer portal?

      Setting up rebranded customer portal  The customer portal can be set up during the customer account creation process. Learn more about creating a custom login URL. Inviting/Providing access to your end customers: To provide access for your ...