The API may send the following error codes for known errors. We try to make the error code as meaningful as possible, but we provide more description there. We will keep adding error codes in the future.

Type

Description

AUTHORIZATION_CLIENT_NOT_FOUND

The client_id provided as query parameter is invalid. It should match the client_id provided by Shine.

AUTHORIZATION_CLIENT_SECRET_DOES_NOT_MATCH

The client_secret provided as query parameter is invalid. It should match the client_secret provided by Shine.

AUTHORIZATION_REDIRECT_URI_DOES_NOT_MATCH

The redirect_uri provided as query parameter is invalid. It should match the redirect_uri you provided on your registration. If you want to change your redirect_uri, you need to contact Shine customer support.

AUTHORIZATION_REQUESTED_SCOPE_NOT_AVAILABLE

One of the scopes provided as query parameter is invalid. See Scopes for a list of supported scopes.

AUTHORIZATION_REQUESTED_SCOPE_NOT_AUTHORIZED

One of the scopes provided as query parameter is invalid. You can only request scopes that have been authorized during your registration. If you want to request a new scope, you need to contact Shine customer support.

AUTHORIZATION_REQUESTED_SCOPE_MISSING_OPENID

When you request the email, profile and/or phone scopes, you also need to request the openid scope. See Scopes for more information.

AUTHORIZATION_CLIENT_STATUS_NOT_VALID

Your account has not been validated yet or has been deactivated.

AUTHORIZATION_CODE_MISSING

The code query parameter is required when requesting a token with grant_type=authorization_code

AUTHORIZATION_CODE_NOT_FOUND

The code provided as query parameter is invalid. It should match the code returned by the Shine OAuth2 server.

AUTHORIZATION_CODE_ALREADY_USED

Authorization codes can only be used once.

AUTHORIZATION_CODE_EXPIRED

Authorization codes expire after one minute.

AUTHORIZATION_CODE_REDIRECT_URI_DOES_NOT_MATCH

The redirect_uri provided as query parameter is invalid. It should match the redirect_uri you provided on your registration. If you want to change your redirect_uri, you need to contact Shine customer support.

AUTHORIZATION_ACCESS_TOKEN_EXPIRED

Access tokens expire after one hour. They can be refreshed using the refresh_token returned alongside the access_token by the Shine OAuth2 server.

AUTHORIZATION_INVALID_ACCESS_TOKEN

The access_token provided in the Authorization header is invalid. Check that you're sending the access_token provided to you by the Shine OAuth2 server.

The Authorization header should follow the following format: Bearer access_token

AUTHORIZATION_MISSING_ACCESS_TOKEN

The Authorization header is missing or the access_token is missing inside the Authorization header.

AUTHORIZATION_ACCESS_TOKEN_WRONG_AUDIENCE

The access_token provided is not a Shine access_token. The aud claim should be https://api.shine.fr. You can inspect your access_token on jwt.io.

AUTHORIZATION_ACCESS_TOKEN_MISSING_SCOPE

One of the scope required to access this resource is missing from your access_token. Check that you have requested this scope during your Shine Connect registration and when requesting access to the user.

AUTHORIZATION_ACCESS_TOKEN_FORBIDDEN

The requested resource(s) can't be accessed with this access_token. It means that you may be trying to access data that don't belong to this user.

AUTHORIZATION_UNSUPPORTED_RESPONSE_TYPE

The response_type provided as query parameter is invalid. The only supported response_type is code.

AUTHORIZATION_UNSUPPORTED_GRANT_TYPE

The grant_type provided as query parameter is invalid. The only supported grant_types are authorization_code & refresh_token.

AUTHORIZATION_REFRESH_TOKEN_MISSING

The refresh_token query parameter is required when requesting a new access_token with grant_type=refresh_token

AUTHORIZATION_REFRESH_TOKEN_EXPIRED

Refresh tokens expire after one year. Refresh tokens can't be refreshed. To get a new refresh_token, the user has to go through the OAuth2 authorize flow again.

AUTHORIZATION_REFRESH_TOKEN_INVALID

The refresh_token provided as query parameter is invalid. It should match the refresh_token returned by the Shine OAuth2 server.

AUTHORIZATION_REFRESH_TOKEN_REDIRECT_URI_DOES_NOT_MATCH

The redirect_uri provided as query parameter is invalid. It should match the redirect_uri you provided on your registration. If you want to change your redirect_uri, you need to contact Shine customer support.

AUTHORIZATION_REFRESH_TOKEN_REVOKED

The refresh_token provided as query parameter has been revoked. To get a new refresh_token, the user has to go through the OAuth2 authorize flow again.

AUTHORIZATION_UNKNOWN_ERROR

😱

AUTHORIZATION_USER_NOT_AUTHORIZED

The Authorization header is invalid or missing.

The Authorization header should follow the following format: Bearer access_token