By: Marcus Masciarelli named 12 Mar 2021 at 2:48 p.m. CST

2 Responses
Marcus Masciarelli gravatar
curl -v -X POST https://<host>/oxauth/restv1/userinfo -H "Authorization:Bearer <invalid-token>" < HTTP/2 400 < date: Tue, 09 Mar 2021 16:48:25 GMT < content-type: application/json < content-length: 203 < server: Jetty(9.4.12.v20180830) < x-xss-protection: 1; mode=block < x-content-type-options: nosniff < strict-transport-security: max-age=31536000; includeSubDomains < * Connection #0 to host api.middevus.xantav.com left intact {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."} expect a 401 error for this case

By Yuriy Zabrovarnyy staff 17 Mar 2021 at 9:22 a.m. CDT

Yuriy Zabrovarnyy gravatar
In 4.x version if request is malformed then 400 is returned. If token is not valid then 401 is returned.

By Aliaksandr Samuseu staff 17 Mar 2021 at 10:22 a.m. CDT

Aliaksandr Samuseu gravatar
Thanks, Yuriy. Marcus, you'll have to upgrade your setup, 3.1.6 has reached its EOL. Closing the ticket