
Troubleshooting Guide

This guide helps you diagnose and resolve common issues with Authlete deployments.

Quick Diagnostics

Health Check Endpoints

Service Health:
curl -X GET "https://api.authlete.com/health"
Service Status:
curl -X GET "https://api.authlete.com/api/service/status" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"

Common Error Codes

| Error Code | Description | Solution |
|------------|-------------|----------|
| A004001 | Invalid request parameters | Check request format and required fields |
| A004002 | Authentication required | Verify API credentials |
| A004003 | Insufficient permissions | Check API key permissions |
| A004004 | Resource not found | Verify resource exists |
| A004005 | Internal server error | Contact support |
| A050001 | Token request successful | Normal operation |
| A050002 | Invalid client | Check client credentials |
| A050003 | Invalid grant | Verify authorization code |
| A050004 | Unsupported grant type | Check grant type configuration |

Authentication Issues

Invalid Client Credentials

Symptoms:
  • 401 Unauthorized errors
  • “Invalid client” error messages
  • Authentication failures
Diagnosis:
# Check client configuration
curl -X GET "https://api.authlete.com/api/client/get/$CLIENT_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"
Solutions:
  1. Verify Client ID
    • Check client ID format
    • Ensure client exists
    • Verify client is active
  2. Check Client Secret
    • Verify secret is correct
    • Check for encoding issues
    • Ensure secret is not expired
  3. Client Type Mismatch
    • Public clients don’t need secrets
    • Confidential clients require secrets
    • Check client type configuration

Invalid Grant Type

Symptoms:
  • “Unsupported grant type” errors
  • Token request failures
  • Authorization code issues
Diagnosis:
# Check service configuration
curl -X GET "https://api.authlete.com/api/service/get/$SERVICE_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"
Solutions:
  1. Enable Grant Type
    • Add grant type to service settings
    • Check client grant type configuration
    • Verify grant type is supported
  2. Check Grant Type Format
    • Use correct grant type names
    • Check for typos
    • Verify case sensitivity

Invalid Redirect URI

Symptoms:
  • “Invalid redirect URI” errors
  • Authorization failures
  • Redirect mismatches
Solutions:
  1. Exact Match Required
    • Redirect URI must match exactly
    • Check for trailing slashes
    • Verify protocol (http vs https)
  2. Wildcard Support
    • Use wildcards for subdomains
    • Check wildcard configuration
    • Verify wildcard placement
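
To see which component breaks an exact match, the following added example (not Authlete code) compares a requested redirect URI with each registered one and names the difference. The function names and the sample URIs are assumptions constructed for illustration, and wildcard matching is not modelled.

```python
from urllib.parse import urlsplit


def explain_mismatch(requested, registered):
    """Return why `requested` is not an exact match for `registered`."""
    if requested == registered:
        return []
    req, reg = urlsplit(requested), urlsplit(registered)
    reasons = []
    if req.scheme != reg.scheme:
        reasons.append(f"scheme: {req.scheme} vs {reg.scheme}")
    if req.hostname != reg.hostname:
        reasons.append(f"host: {req.hostname} vs {reg.hostname}")
    if req.port != reg.port:
        reasons.append(f"port: {req.port} vs {reg.port}")
    if req.path != reg.path:
        if req.path.rstrip("/") == reg.path.rstrip("/"):
            reasons.append(f"trailing slash: {req.path!r} vs {reg.path!r}")
        else:
            reasons.append(f"path: {req.path!r} vs {reg.path!r}")
    if req.query != reg.query:
        reasons.append(f"query: {req.query!r} vs {reg.query!r}")
    if req.fragment:
        reasons.append("requested URI carries a fragment")
    if not reasons:
        # urlsplit lowercases scheme and host, so the raw strings can
        # differ even when every parsed component compares equal.
        reasons.append("differs only in letter case of scheme or host")
    return reasons


def diagnose(requested, registered_uris):
    """Return {} on an exact match, else the reasons per registered URI."""
    if requested in registered_uris:
        return {}
    return {uri: explain_mismatch(requested, uri) for uri in registered_uris}


if __name__ == "__main__":
    # Constructed sample values, not taken from a real client record.
    registered = ["https://app.example.com/callback"]
    for candidate in ("https://app.example.com/callback/",
                      "http://app.example.com/callback"):
        print(candidate, diagnose(candidate, registered))
```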

Token Issues

Token Validation Failures

Symptoms:
  • “Invalid token” errors
  • Token rejection
  • Authentication failures
Diagnosis:
# Validate token
curl -X POST "https://api.authlete.com/api/auth/introspection" \
-H "Authorization: Bearer $AUTHLETE_API_KEY" \
-H "Content-Type: application/json" \
-d "{\"token\": \"$ACCESS_TOKEN\"}"
Solutions:
  1. Check Token Format
    • Verify JWT structure
    • Check token encoding
    • Validate token signature
  2. Token Expiration
    • Check token expiration time
    • Verify system clock
    • Refresh expired tokens
  3. Token Revocation
    • Check if token is revoked
    • Verify revocation status
    • Generate new token if needed
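
A local first-pass check for the format, expiration and clock items above, as an added example (not Authlete code). It decodes a JWT without verifying its signature; the function names, the 60-second skew tolerance and the sample token are assumptions constructed for illustration.

```python
import base64
import json
import time


def b64url_decode(segment):
    # JWT segments drop '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def triage_jwt(token, now=None, skew=60):
    """List structure and time-claim problems; the signature is NOT verified."""
    now = time.time() if now is None else now
    parts = token.strip().split(".")
    if len(parts) != 3:
        return [f"not a JWT: {len(parts)} segment(s), expected 3"]
    try:
        header, claims = (json.loads(b64url_decode(p)) for p in parts[:2])
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        return [f"header/payload is not base64url JSON: {exc}"]
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return ["header and payload must both be JSON objects"]
    findings = []
    if str(header.get("alg", "none")).lower() == "none":
        findings.append("alg is missing or 'none': token is unsigned")
    num = lambda k: claims[k] if isinstance(claims.get(k), (int, float)) else None
    exp, nbf, iat = num("exp"), num("nbf"), num("iat")
    if exp is None:
        findings.append("no numeric exp claim")
    elif now >= exp + skew:
        findings.append(f"expired {int(now - exp)}s ago")
    if nbf is not None and nbf > now + skew:
        findings.append(f"not valid for another {int(nbf - now)}s")
    if iat is not None and iat > now + skew:
        findings.append("iat is in the future: local clock is behind issuer")
    return findings


def sample_token(claims, alg="RS256"):
    # Constructed token with a dummy signature, for demonstration only.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': alg, 'typ': 'JWT'})}.{enc(claims)}.c2ln"


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed reference time
    print(triage_jwt(sample_token({"exp": t0 - 300, "iat": t0 - 3900}), now=t0))
```

An empty result only means the structure and time claims look sane; signature and revocation status still have to be confirmed, for example through the introspection request shown under Diagnosis.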

Token Refresh Issues

Symptoms:
  • Refresh token failures
  • “Invalid refresh token” errors
  • Token renewal problems
Solutions:
  1. Refresh Token Validity
    • Check refresh token expiration
    • Verify refresh token format
    • Ensure refresh token is not revoked
  2. Client Configuration
    • Enable refresh token grant type
    • Check client secret
    • Verify client permissions

Configuration Issues

Service Configuration Problems

Symptoms:
  • Service not responding
  • Configuration errors
  • Endpoint failures
Diagnosis:
# Check service configuration
curl -X GET "https://api.authlete.com/api/service/get/$SERVICE_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"
Solutions:
  1. Verify Service Settings
    • Check service configuration
    • Verify endpoint URLs
    • Ensure service is active
  2. Check Service Limits
    • Verify rate limits
    • Check quota usage
    • Monitor service status

Client Configuration Issues

Symptoms:
  • Client authentication failures
  • Scope permission errors
  • Redirect URI mismatches
Solutions:
  1. Client Settings
    • Verify client configuration
    • Check redirect URIs
    • Ensure client is active
  2. Scope Configuration
    • Check scope permissions
    • Verify scope names
    • Ensure scopes are enabled

Performance Issues

Slow Response Times

Symptoms:
  • High latency
  • Timeout errors
  • Slow token issuance
Diagnosis:
# Check service metrics
curl -X GET "https://api.authlete.com/api/service/metrics/$SERVICE_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"
Solutions:
  1. Database Performance
    • Check database connections
    • Monitor query performance
    • Optimize database queries
  2. Caching Issues
    • Check cache configuration
    • Monitor cache hit rates
    • Optimize cache settings
  3. Network Issues
    • Check network latency
    • Verify DNS resolution
    • Monitor bandwidth usage

High Error Rates

Symptoms:
  • Increased error responses
  • Service degradation
  • User complaints
Solutions:
  1. Monitor Error Logs
    • Check application logs
    • Monitor error patterns
    • Identify root causes
  2. Rate Limiting
    • Check rate limit configuration
    • Monitor request patterns
    • Adjust rate limits if needed
  3. Resource Limits
    • Check resource usage
    • Monitor memory/CPU
    • Scale resources if needed

Security Issues

Certificate Problems

Symptoms:
  • SSL/TLS errors
  • Certificate validation failures
  • HTTPS issues
Solutions:
  1. Certificate Validity
    • Check certificate expiration
    • Verify certificate chain
    • Update expired certificates
  2. Certificate Configuration
    • Check certificate format
    • Verify private key
    • Ensure proper key usage

Security Vulnerabilities

Symptoms:
  • Security warnings
  • Vulnerability alerts
  • Compliance issues
Solutions:
  1. Update Dependencies
    • Update libraries
    • Patch vulnerabilities
    • Monitor security advisories
  2. Security Configuration
    • Review security settings
    • Enable security features
    • Implement best practices

Debugging Tools

Log Analysis

Enable Debug Logging:
logging:
  level: DEBUG
  authlete: DEBUG
  security: INFO
  performance: INFO
Log Analysis Commands:
# Filter error logs
grep "ERROR" /var/log/authlete/app.log

# Monitor real-time logs
tail -f /var/log/authlete/app.log | grep "ERROR"

# Analyze performance logs
grep "duration" /var/log/authlete/app.log | sort -n

API Testing

Test Authorization Endpoint:
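# -G sends the data as a query string; --data-urlencode encodes the
# redirect URI and the space in the scope value
curl -X GET "https://auth.example.com/oauth/authorize" \
-G -d "response_type=code" \
-d "client_id=$CLIENT_ID" \
--data-urlencode "redirect_uri=$REDIRECT_URI" \
--data-urlencode "scope=openid profile" \
-d "state=random_state"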
Test Token Endpoint:
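# --data-urlencode keeps reserved characters in the redirect URI and
# the client secret from corrupting the form body
curl -X POST "https://auth.example.com/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "code=$AUTHORIZATION_CODE" \
--data-urlencode "redirect_uri=$REDIRECT_URI" \
-d "client_id=$CLIENT_ID" \
--data-urlencode "client_secret=$CLIENT_SECRET"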

Monitoring Commands

Check Service Status:
# Service health
curl -X GET "https://api.authlete.com/health"

# Service metrics
curl -X GET "https://api.authlete.com/api/service/metrics/$SERVICE_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"

# Client status
curl -X GET "https://api.authlete.com/api/client/get/$CLIENT_ID" \
-H "Authorization: Bearer $AUTHLETE_API_KEY"

Getting Help

Self-Service Resources

  • Documentation - Comprehensive guides and references
  • API Reference - Complete API documentation
  • Code Examples - Sample implementations
  • Community Forums - User discussions and solutions

Support Channels

  • Email Support - [email protected]
  • Priority Support - For enterprise customers
  • Emergency Support - For critical issues
  • Community Support - User forums and discussions

Escalation Process

  1. Level 1 - Self-service resources
  2. Level 2 - Email support
  3. Level 3 - Priority support
  4. Level 4 - Emergency support

Additional Resources