Return custom errors from script extensions

SecureAuth CIAM supports custom error responses from script extensions. Use this feature to reject requests with clear messages and specific HTTP status codes when access conditions fail.

This is useful for early access control scenarios like pre-token minting validations or dynamic authorization logic.

Use cases

Custom error responses are particularly valuable in pre-token minting scripts when you need to:

  • Reject requests that fail advanced validation checks

  • Block token issuance based on custom business rules

  • Return specific error messages when authorization conditions aren't met

When a script returns a structured error, SecureAuth returns the message and status code from that error to the client and does not issue a token.

Example: Enforce API quotas

A retail company uses SecureAuth to manage partner API access. A pre-token script checks if the partner:

  • Has a valid subscription

  • Has not exceeded the daily API quota

  • Has an active account

If any condition fails, the script blocks token issuance and returns a structured error:

{
  "error": {
    "message": "API quota exceeded",
    "code": 429
  }
}

This ensures unauthorized or invalid requests are stopped early, with a clear message for troubleshooting.

Script error format

Return a custom error using this format, where:

  • message – The error message returned in the response

  • code – The HTTP status code (must be one of the Supported status codes)

module.exports = async function (context) {
  return {
    error: {
      message: "Your error message here",
      code: 403
    }
  };
};
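
The API quota scenario above, written in this error format, as an added example (not SecureAuth's own code). The `context.partner` record, its field names, and returning `{}` on success are assumptions for illustration; the checks fail closed and only emit codes from the supported list.

```javascript
// Status codes the page lists as supported for script errors.
const SUPPORTED_CODES = new Set([400, 401, 403, 429]);

// Build the structured error. A code outside the supported list falls back
// to 403 so a typo in the script cannot yield an unsupported response.
function scriptError(message, code) {
  return { error: { message, code: SUPPORTED_CODES.has(code) ? code : 403 } };
}

// Hypothetical partner record shape (not defined by the page):
// { active: boolean, subscriptionExpires: ISO date string,
//   callsToday: integer, dailyQuota: integer }
function evaluatePartner(partner, now = new Date()) {
  // Fail closed: a missing or malformed record is rejected, never passed.
  if (!partner || typeof partner !== "object") {
    return scriptError("Partner record not found", 403);
  }
  if (partner.active !== true) {
    return scriptError("Account is not active", 403);
  }
  const expires = new Date(partner.subscriptionExpires);
  if (Number.isNaN(expires.getTime()) || expires <= now) {
    return scriptError("Subscription is not valid", 403);
  }
  if (!Number.isInteger(partner.callsToday) || !Number.isInteger(partner.dailyQuota)) {
    return scriptError("Quota data unavailable", 403);
  }
  if (partner.callsToday >= partner.dailyQuota) {
    return scriptError("API quota exceeded", 429);
  }
  return null; // all checks passed
}

// Entry point in the format the page shows. Reading the record from
// context.partner and returning {} on success are assumptions.
async function preTokenScript(context) {
  return evaluatePartner(context && context.partner) || {};
}

if (typeof module !== "undefined") module.exports = preTokenScript;
```

Keep the messages generic enough that they help a partner troubleshoot without exposing internal account state.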

Supported status codes

| Code | Description |
|------|-------------|
| 400 | Bad Request – The request is invalid |
| 401 | Unauthorized – Missing or invalid authentication |
| 403 | Forbidden – Access is not allowed |
| 429 | Too Many Requests – Rate limiting or throttling applied |