...

The API is typically invoked before and after the User has authenticated at the LFI and authorised the consent. The sequence diagram below provides an excerpt of the API Hub Sequence Diagrams that describe the end-to-end flow, focusing on the Heimdall API.

uae-invoking-hh-api-sequence-diagram.png

3. Success Response

When validation of the redirection is successful, the properties of the Pushed Authorization Request and the TPP that sent it are available in the response. The values returned in the success response, indicated by a 200 HTTP status code, include the login_hint parameter, which allows the Emirates ID or Trade License Number to be sent as a JWE.

Please refer to the OpenAPI description for further details.

4. Error Handling

The error scenarios described above are summarised in the table below.

...

The following sections expand on each error type.

...

4.1 Client Validation Error

Client Validation Errors are returned by Heimdall when the Client belonging to a given TPP cannot be successfully validated.

...

| # | Description | Error Code (error) | Error Description (error_description) |
|---|---|---|---|
| 1 | The client_id query parameter sent by the Client does not match the value stored with the Authorization Request. | invalid_client | The client_id value does not match the value stored in the Authorization Request. |
| 2 | The Client or TPP who owns the Client is no longer in a valid state in the Trust Framework, and therefore cannot be successfully validated. | invalid_client | The status of the Client is no longer valid. The Authorization Request can no longer be completed. |
| 3 | An internal error has stopped validation of the Client. The validation of the Client cannot therefore be completed authoritatively. | server_error | The Client cannot be validated due to an internal error. |

4.2 Authorization Request Error

Authorization Request Errors are returned by Heimdall when the Authorization Request is invalid or cannot be processed.

...

| # | Description | Error Code (error) | Error Description (error_description) |
|---|---|---|---|
| 1 | The Authorization Request has expired, as the number of seconds indicated by the expires_in value returned by the PAR Endpoint has passed. | invalid_request | The Authorization Request has expired. |
| 2 | An internal error has stopped validation of the Authorization Request. The validation of the Authorization Request cannot therefore be completed. | server_error | Error description will be dependent on the error condition experienced at Heimdall. |
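
The conditions listed in the tables of sections 4.1 and 4.2 can be modelled as one validation routine. This is an added sketch, not Heimdall's own code: the `StoredRequest` record, the `client_is_active` callback, the order of the checks and the sample values are assumptions, while the `error` and `error_description` values are the ones given in the tables.

```python
import hmac
from dataclasses import dataclass

# error_description strings copied from the tables in sections 4.1 and 4.2.
CLIENT_MISMATCH = "The client_id value does not match the value stored in the Authorization Request."
CLIENT_INVALID = ("The status of the Client is no longer valid. "
                  "The Authorization Request can no longer be completed.")
CLIENT_INTERNAL = "The Client cannot be validated due to an internal error."
REQUEST_EXPIRED = "The Authorization Request has expired."


@dataclass
class StoredRequest:      # hypothetical record kept when the PAR was accepted
    client_id: str
    created_at: float     # epoch seconds when the PAR Endpoint responded
    expires_in: int       # lifetime in seconds returned by the PAR Endpoint


def error(code, description):
    return {"error": code, "error_description": description}


def validate(stored, presented_client_id, client_is_active, now):
    """Return None when validation succeeds, otherwise the error body.

    client_is_active is a hypothetical callable standing in for the Trust
    Framework status lookup; it raises when the lookup itself fails.
    """
    # 4.1 row 1: the client_id query parameter must equal the stored value.
    if not hmac.compare_digest(stored.client_id.encode(), presented_client_id.encode()):
        return error("invalid_client", CLIENT_MISMATCH)
    try:
        active = client_is_active(stored.client_id)
    except Exception:
        # 4.1 row 3: fail closed, a lookup that did not answer is never a pass.
        return error("server_error", CLIENT_INTERNAL)
    if not active:  # 4.1 row 2
        return error("invalid_client", CLIENT_INVALID)
    # 4.2 row 1: expires_in seconds have passed (boundary counted as expired, an assumption).
    if now - stored.created_at >= stored.expires_in:
        return error("invalid_request", REQUEST_EXPIRED)
    return None


def lookup_down(client_id):   # constructed failure of the status lookup
    raise TimeoutError("status lookup unavailable")


SAMPLE = StoredRequest(client_id="tpp-client-1", created_at=1000.0, expires_in=90)  # constructed
```

The status lookup failure maps to `server_error` rather than to a pass or to `invalid_client`, which keeps an outage from being read as either a valid or a revoked Client.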

...

4.3 User Validation Error

User Validation Errors are returned by Heimdall when the LFI signals that User authentication and authorisation of consent has failed.

...