Skip to main content

Error Handling Guide

Learn how to properly handle errors and implement robust error recovery in your Auth-Agent implementation.

Error Types

AuthError

All SDK methods throw AuthError objects with detailed information:

Common Error Codes

token_expired
401
Access token has expired. Refresh the token or re-authenticate.
refresh_failed
401
Refresh token is invalid or expired. User must re-authenticate.
state_mismatch
400
OAuth state parameter mismatch. Possible CSRF attack.
pkce_missing
400
Code verifier not found. Must call getAuthorizationUrl() first.
forbidden
403
Insufficient permissions for the requested operation.
no_refresh_token
400
No refresh token provided for refresh operation.
no_token
400
Token required but not provided.
revoke_failed
400
Token revocation failed.
introspection_failed
400
Token introspection failed.

Basic Error Handling

Try-Catch Pattern

Specific Error Handling

Handling Specific Scenarios

Token Expiration

Network Errors

CSRF Protection

Error Recovery Strategies

Graceful Degradation

Automatic Recovery

User Notification

Logging and Monitoring

Error Logging

Metrics Collection

Complete Error Handling Example

Best Practices

Never let authentication errors crash your application. Always use try-catch blocks.
Translate technical error codes into messages users can understand and act on.
Log all authentication errors with context to help diagnose issues in production.
Network errors and server errors should be retried with exponential backoff.
Attempt to refresh expired tokens automatically before prompting users to re-login.
Track error frequencies to identify systemic issues early.

Next Steps

Token Refresh

Learn about token refresh strategies

AgentSDK Methods

Explore all SDK methods