When PingAuthorize Server proxies a REST API, it forwards errors that the API returns to the client as they are, unless a policy dictates modifications to the response. In the following scenarios, PingAuthorize Server returns an error that the Sideband API generates:

  • The policy evaluation results in a deny response. This typically results in a 403 error.
  • An internal error occurs in the Sideband API. This typically results in a 500 error.

By default, these responses use a simple error format, as shown in the following example.

  "errorMessage": "Access Denied",
  "status": 403

The following table describes the default error format.

Field Type Description
errorMessage String Error message
status Number HTTP status code

Because some REST API clients expect a specific error-response format, PingAuthorize Server provides error templates to respond with custom errors. Error templates, which are written in Velocity Template Language, define the manner in which a Sideband API Endpoint produces error responses.

The following table identifies the context parameters that are provided with error templates.

Parameter Type Description
status Integer HTTP status
message String Exception message