Brief Description
Calling applications will need to be able to distinguish authorisation issues that are related to an expired token vs. other issues that we may want to not be explicit about. We should check that our error messages are sufficiently helpful to applications in knowing what action to take, e.g., refresh the token vs. a technical problem.
Severity
Low
Brief Description
Calling applications will need to be able to distinguish authorisation issues that are related to an expired token vs. other issues that we may want to not be explicit about. We should check that our error messages are sufficiently helpful to applications in knowing what action to take, e.g., refresh the token vs. a technical problem.
Severity
Low