Skip to main content

This version of GitHub Enterprise Server was discontinued on 2024-03-26. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Troubleshooting OAuth app access token request errors

When exchanging a code for an access token, there are an additional set of errors that can occur. The format of these responses is determined by the accept header you pass.

Note: These examples only show JSON responses.

Incorrect client credentials

If the client_id and or client_secret you pass are incorrect you will receive this error response.

{
  "error": "incorrect_client_credentials",
  "error_description": "The client_id and/or client_secret passed are incorrect.",
  "error_uri": "/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors/#incorrect-client-credentials"
}

To solve this error, make sure you have the correct credentials for your OAuth app. Double check the client_id and client_secret to make sure they are correct and being passed correctly to GitHub Enterprise Server.

Redirect URI mismatch

If you provide a redirect_uri that doesn't match what you've registered with your OAuth app, you'll receive this error message:

{
  "error": "redirect_uri_mismatch",
  "error_description": "The redirect_uri MUST match the registered callback URL for this application.",
  "error_uri": "/apps/managing-oauth-apps/troubleshooting-authorization-request-errors/#redirect-uri-mismatch2"
}

To correct this error, either provide a redirect_uri that matches what you registered or leave out this parameter to use the default one registered with your application.

Bad verification code

If the verification code you pass is incorrect, expired, or doesn't match what you received in the first request for authorization you will receive this error.

{
  "error": "bad_verification_code",
  "error_description": "The code passed is incorrect or expired.",
  "error_uri": "/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors/#bad-verification-code"
}

To solve this error, start the OAuth authorization process again and get a new code.

Unverified user email

If the user for whom you are trying to generate a user access token has not verified their primary email address with GitHub, you will receive this error.

{
  "error": "unverified_user_email",
  "error_description": "The user must have a verified primary email.",
  "error_uri": "/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors/#unverified_user_email"
}

To resolve this error, prompt the user to verify the primary email address on their GitHub account. For more information, see "Verifying your email address" in the GitHub Free documentation.