Authentication result codes
Once the operation returns its result, your frontend needs to react to it. The contents of the result tell you whether the approval was successful.
The result has the following members:
Field | Description |
---|---|
success boolean | The member indicates whether the authentication is successful. |
code.statusCode enum | The enumeration reports the success code or the various error codes for the session. |
code.message string | A short human-readable message about the result of the transaction. |
token string | You can use the transaction token to verify whether the operation is executed by your Authentication Cloud instance, see Status endpoint. |
message string | Only present in case of an error when it provides a more verbose description of the failure. |
note
The authentication error codes are in the form of error-00XX.
On success, for security reasons, first verify the status token using the Auth Cloud API introspection endpoint. Once you have confirmed that the transaction token is valid, you can proceed with the authenticated transaction.
On failure, handle the error as in the following example:
```javascript
if (result.success) {
  // result.code.statusCode ->
  //   "success-authentication" is a successful approval.
  // result.code.message contains a short human-readable message.
} else {
  // Handle the error, you can find more details in result.code and result.message
  alert("There was a problem: " + result.code.message);
}
```
Example success result object:
```json
{
  "success": true,
  "code": {
    "statusCode": "success-authentication",
    "message": "Successfully authenticated with WebAuthn credential."
  },
  "token": "eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJod...bzIifQ.3...0Fw"
}
```
Example failure result object:
```json
{
  "success": false,
  "code": {
    "statusCode": "error-0001",
    "message": "Failed to authenticate with WebAuthn credential."
  },
  "message": "Error while trying to authenticate. NotAllowedError: The operation either timed out or was not allowed. See: https://www.w3.org/TR/webauthn-2/#sctn-privacy-considerations-client."
}
```
Result code | Description | Comment |
---|---|---|
success-authentication | Successfully authenticated with WebAuthn credential. | |
error-0000 | Invalid credentialRequestOptions. ServerPublicKeyCredentialGetOptionsResponse has to be valid. | The credentialRequestOptions object was missing or invalid. Make sure you pass in the credentialRequestOptions, which is returned in the approval response. |
error-0001 | Failed to authenticate with WebAuthn credential. | An error prevented authentication with the WebAuthn credential. See result.message for more information. |
error-0002 | Error while finalizing the authentication on the server. | An error occurred while sending the assertion result data to Authentication Cloud API to finalize the authentication. See result.message for more information. |
error-0003 | Invalid userId. Cannot be null or undefined. | The userId parameter was missing. Make sure you pass in the userId, which is returned in the approval response. |
error-0004 | Missing statusToken. Cannot be null or undefined. | The statusToken parameter was missing. Make sure you pass in the statusToken, which is returned in the approval response. |
error-0005 | WebAuthn is not supported by this browser. | Make sure that you use a browser which supports creating and authenticating with a FIDO2 / WebAuthn credential. |
error-0099 | Unknown error while authentication. | See result.message for more information. |
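
The handling described above, as an added example that is not Authentication Cloud's own code: it triages the result object by the codes in the table and only proceeds once the token has been verified. The names `ERROR_ACTIONS`, `decide`, `completeLogin` and `verifyOnBackend`, and the action assigned to each code, are assumptions.

```javascript
// Added example. Error codes and their meaning come from the result code table;
// the action chosen for each code is this example's own (assumed) policy.
const ERROR_ACTIONS = {
  "error-0000": "integration-bug", // credentialRequestOptions missing or invalid
  "error-0001": "retry",           // WebAuthn ceremony failed (timed out or not allowed)
  "error-0002": "retry",           // finalizing the authentication on the server failed
  "error-0003": "integration-bug", // userId missing
  "error-0004": "integration-bug", // statusToken missing
  "error-0005": "unsupported",     // browser without WebAuthn support
  "error-0099": "unknown",
};

// Synchronous triage of the result object. It never returns "proceed":
// a client-side success only means "there is a token to verify".
function decide(result) {
  const status = result && result.code ? result.code.statusCode : undefined;
  if (result && result.success === true) {
    if (status !== "success-authentication" ||
        typeof result.token !== "string" || result.token.length === 0) {
      return { next: "reject", reason: "inconsistent-success" };
    }
    return { next: "verify-token", token: result.token };
  }
  // Own-property lookup, so a statusCode such as "constructor" cannot match.
  const known = typeof status === "string" &&
    Object.prototype.hasOwnProperty.call(ERROR_ACTIONS, status);
  return { next: known ? ERROR_ACTIONS[status] : "unknown",
           reason: status || "malformed-result" };
}

// verifyOnBackend(token) is an assumed function: it hands the token to your own
// backend, which checks it with the Authentication Cloud API and resolves to
// true or false.
async function completeLogin(result, verifyOnBackend) {
  const decision = decide(result);
  if (decision.next !== "verify-token") return decision;
  try {
    const valid = await verifyOnBackend(decision.token);
    return valid === true
      ? { next: "proceed" }
      : { next: "reject", reason: "token-not-valid" };
  } catch (err) {
    // Fail closed: no verification answer means no authenticated session.
    return { next: "reject", reason: "verification-unavailable" };
  }
}
```
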
Next
You are now ready to take on the API and get going with your own FIDO2 flows, see Authentication.