Error Cases

Error Messages for End Users:

  • Not Turkcell subscriber
  • Wrong MSISDN format
  • Wrong OTP entry
  • Abusement cases
  • Timeout
  • MSISDN Blacklist
  • Blacklist for USerInfo
  • Email Verification - Timeout (if more than 3 days )
  • Email Verification with an invalid link/code

Error Messages for Service Providers:

Frequently encountered problems by Service Providers during integration phase are listed below

  • The error messages that mentioned on API spec docs are valid

  • System Internal Error (PaymentDB,Auth.Server,MC DB,SMSC is not working..etc)
    Explanation: In this case, the error code is not returned. When the system error occurs, user is redirected to Login Page with an error message.

  • Wrong Parameter( ClientId, RedirectURI, Scope ..etc)
    Explanation : These error codes are not the error codes that will be displayed to enduser, only to show that they are Service Provider's own side errors & logging is recommended
    • error="invalid_client", error_description="Client with id sp_desktop_tes was not found"
    • error="invalid_grant", error_description="Invalid redirect: does not match one of the registered values."
      Mismatch can happen in any phase if the redirect uri doesnt match through the whole flow.
      1: The used redirect url should be in the registered redirect uri list (registration is done through SERVICE PROVIDER REGISTRATION form)
      2: The same redirect uri should be used in the Authentication Request URL and Token Request URL
    • error="invalid_request" -> a parameter is missing in request
  • Missing Parameter Value( openid)
    Explanation : This error case is encountered due to the absence of “openid” value in scope parameter in Authentication Endpoint URL which is mandatory (Please see Authentication Endpoint from the left menu for details)
    Please ensure that your Request URL includes openid otherwise contact with us
    • error="invalid_request", error_description="Openid must be defined in scope parameters. (Example scope=openid email phone)"

  • public static final String USER_DID_NOT_APPROVE = "USER_DID_NOT_APPROVE";
    Explanation: User doesnt want to enter

  • public static final String FRAUD_DETECTED = "

  • public static final String TIMED_OUT = "TIMED_OUT";
    Explanation: if its timeout

  • "unsupported language"
    Explanation: If the keyword comes with a different keyword than the recommended ones, "unsupported language" error will be returned to the Service Provider

  • "Access Denied"
    Explanation: It means that login access is denied for the gsm number. There maybe few reasons where access is denied during login operation.
    Most frequently the case is: In demo mode limited usage is allowed which means the one used for “Service Provider Registration login” is allowed to login during Fast Login API integration development.
    Another case is: Access is denied for the gsm numbers due to blacklist control ( IP / MSISDN / Three times wrong SMSOTP entry )