discord-api-docs
discord-api-docs copied to clipboard
Invalid OAuth request should return invalid_request error instead of unsupported_grant_type
Description
According to RFC 6749 §5.2, the server should respond with invalid_request
if the request is missing required parameters:
invalid_request
The request is missing a required parameter, includes an
unsupported parameter value (other than grant type),
repeats a parameter, includes multiple credentials,
utilizes more than one mechanism for authenticating the
client, or is otherwise malformed.
However, this doesn't seem to be the case with the token endpoint.
Steps to Reproduce
Send this curl command:
curl -X POST \
-H 'Content-type: application/x-www-form-urlencoded' \
-d 'invalid=true' \
https://discord.com/api/oauth2/token
Or send a completely wrong format:
curl -X POST \
-H 'Content-type: application/json' \
-d '{}' \
https://discord.com/api/oauth2/token
Expected Behavior
An invalid_request
error due to the missing required fields and generally incorrectly formatted request:
{
"error": "invalid_request",
"error_description": "The request is not formatted correctly"
}
Current Behavior
A completely unrelated error:
{
"error": "unsupported_grant_type",
"error_description": "Grant type None is not supported"
}
Screenshots/Videos
No response
Client and System Information
API v10