
Customising status code returned from hooks

hooks
client-credentials-f

#1

We’re using client credentials hooks and want to reject authorisation on certain conditions. It appears that we can do this in the hook by simply passing back a string as the first argument to the callback, which appears as the error description when consumers call the /oauth/token endpoint. However, this returns a status code of 500. In our case a 403 is probably a better choice.

Is there a way to control the returned status code?

It seems passing back an error like new UnauthorizedError('some error'), like some of the rule examples, still returns a 500 status code but with a worse error description of "Script generated an unhandled asynchronous exception".

Also some more examples or documentation around hooks would be awesome.


#2

This is not currently supported in Hooks; however, it’s worth noting that Hooks is still a beta feature. In order to categorize your request more efficiently, can you please post your request in the Ideas section of the community:
https://community.auth0.com/content/idea/list

As we develop Hooks further towards being, we will also be adding new samples and documentation for you to refer to.

