Error handling

When an authorisation fails, you will be redirected back to the provided redirect URL with additional parameters in the query string.

There will always be an error parameter, and the redirect may also include an error_description parameter.

https://my-site/stub/redirect-url?
  error=access_denied&
  error_description=The+user+denied+the+request

The authorisation can also fail if the redirect URL provided is invalid or if the client_id is not recognised. If the client_id is not recognised, the authorisation server will not redirect the user.

Refer: list of error codes and their descriptions

Displaying error messages for your users

Despite the fact that servers return an error_description key, the error description is only for your reference and is not intended to be displayed to the user.

You should instead present the user with your own customised error message. This allows you to tell the user an appropriate action to take to correct the problem and allows you to localise the error messages if you are building a multi-language website.