ChallengeRequestErrorResponse
extends ErrorException
in package
Exception thrown when requesting a challenge transaction from the server fails.
Thrown when the authentication server returns an error in response to a challenge request (GET to the auth endpoint). This can occur due to invalid request parameters, server-side validation failures, rate limiting, or other issues preventing challenge generation. The exception message contains the error details from the server response.
Security Implications: Challenge request failures can indicate rate limiting (protection against DoS attacks), invalid account parameters, or server-side security policies. Clients should respect rate limits and not retry excessively. Repeated failures may indicate an attempt to enumerate valid accounts or abuse the authentication system.
Common Scenarios:
- Invalid account ID format in request parameters
- Rate limiting due to too many challenge requests
- Server rejecting requests for unauthorized domains or applications
- Missing or invalid home_domain parameter when required
- Client domain not supported or invalid
- Account blocked or restricted by server policy
- Server unable to parse request parameters