This documentation is for WSO2 Identity Server 5.0.0. View documentation for the latest release.
Customizing Authentication Error Messages - Identity Server 5.0.0 - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

The Identity Server has standard error messages for different authentication errors that are encountered. See Error Codes and Descriptions for more information on the standard error codes and descriptions of those errors. There are three types of custom errors handled here:

  • Invalid credentials
  • Invalid User
  • Account Lock

Note: Account Lock errors are returned only when account locking is enabled in the server.

Do the following to customize these error messages.

Enable the following parameter in the <IS_HOME>/repository/conf/security/application-authentication.xml file if you need customized error messages.

<AuthenticatorConfig name="BasicAuthenticator" enabled="true"> 
	<Parameter name="showAuthFailureReason">true</Parameter>

We send the following query parameters to the authentication endpoint web application and you can customize the error messages according to 'errorCode'.

  • errorCode
  • failedUsername
  • remainingAttempts
  • No labels