Version 2021
Get error details from the server-side API
You can get the details of errors that are related to passwords, OTP sessions, or an OTP verification codes with proper configurations.
- Modify the serverdb.conf file with the desired combination of configurations shown in Switches. See the tables below for more information about the affected APIs, and the expected behavior of APPAPI and API.
- Restart the Tomcat instance.
- Repeat the same steps on other nodes.
Affected APIs
|
Consumer |
API |
Server Method |
|---|---|---|
|
Partner |
POST /api/v1/account/resetPassword |
com.mstr.usher.newServer.controllers.CPassword.resetPasswordApi() |
|
GET /api/v1/otp/verify/reg |
com.mstr.usher.newServer.controllers.CTool.verifyOtpRegApi() |
|
|
POST /api/v1/user |
com.mstr.usher.newServer.controllers.CUser.signUpApi() |
|
|
PUT /api/v1/user/contactInfo |
com.mstr.usher.newServer.controllers.CUser.updateContactInfoApi() |
|
|
GET /api/v1/otp/verify |
com.mstr.usher.newServer.controllers.CTool.verifyOtpApi() |
|
|
POST /api/v1/account/changePassword |
com.mstr.usher.newServer.controllers.CPassword.changePasswordApi() |
|
|
SDK |
POST /appapi/v1/account/resetPassword |
com.mstr.usher.newServer.controllers.CPassword.resetPasswordAppApi() |
|
GET /appapi/v1/otp/verify/reg |
com.mstr.usher.newServer.controllers.CTool.verifyOtpRegAppApi() |
|
|
POST /appapi/v1/user |
com.mstr.usher.newServer.controllers.CUser.signUpAppApi() |
|
|
PUT /appapi/v1/user/contactInfo |
com.mstr.usher.newServer.controllers.CUser.updateContactInfoAppApi() |
|
|
GET /appapi/v1/otp/verify |
com.mstr.usher.newServer.controllers.CTool.verifyOtpAppApi() |
|
|
POST /appapi/v1/account/changePassword |
com.mstr.usher.newServer.controllers.CPassword.changePasswordAppApi() |
Switches
|
Switch Name |
Default Value |
Description |
|---|---|---|
|
server.error.detail.api |
false |
Indicates whether to show a detailed 400 error in /api. Only supports OTP, session, and password related errors. |
|
server.error.detail.appapi |
false |
Indicates whether to show a detailed 400 error in /appapi. Only supports OTP, session, and password related errors. |
|
server.error.detail.oldstyle.appapi |
false |
Indicates whether to return 200 for a password related error. This only works for /appapi and when server.error.detail.appapi is set to false. |
Expected behavior of APPAPI
|
Scenario Number |
Show Error Details Switch (server.error.detail.appapi) |
Password Error Switch (server.error.detail.oldstyle.appapi) |
Server |
SDK |
Expected Server Behavior |
Expected iOS SDK Behavior |
Expected Android SDK Behavior |
|---|---|---|---|---|---|---|---|
|
1 |
OFF |
ON (cannot turn off on old server) |
old |
old |
400 invalid input
For the change/reset password API, it returns 200 OK and the data. |
Passes an invalid input error to the caller. For 200 OK, it throws one of the following: 1. Password Validation Generic Error 2. Old Password Invalid 3. Password History Policy Not Met 4. Generic Error |
Passes an invalid input error to the caller. For 200 OK, it throws one of the following: 1. OLD_PASSWORD_INCORRECT 2. NEW_PASSWORD_TOO_RECENT 3. PASSWORD_POLICY_FAIL 4. USHER_SDK_ERROR |
|
2 |
OFF |
ON (cannot turn off on old server) |
old |
new |
400 invalid input For the change/reset password API, it returns 200 OK and the data. |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. Password Validation Generic Error 2. Old Password Invalid 3. Password History Policy Not Met 4. Generic Error |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. OLD_PASSWORD_INCORRECT 2. NEW_PASSWORD_TOO_RECENT 3. PASSWORD_POLICY_FAIL 4. USHER_SDK_ERROR |
|
3 |
OFF |
ON |
new |
old |
400 invalid input For the change/reset password API, it returns 200 OK and the data. |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. Old Password Invalid 2. Password Validation Generic Error 3. Password History Policy Not Met 4. Generic Error |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. OLD_PASSWORD_INCORRECT 2. VIOLATE_POLICY_COMPLEXITY 3. VIOLATE_POLICY_HISTORY 4. USHER_SDK_ERROR |
|
4 |
OFF |
OFF |
new |
old |
400 invalid input For change/reset password, it returns 400 invalid input. |
Passes an invalid input error to the caller |
Passes an invalid input error to the caller |
|
5 |
OFF |
ON |
new |
new |
400 invalid input For the change/reset password API, it returns 200 OK and the data. |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. Old Password Invalid 2. Password Validation Generic Error 3. Password History Policy Not Met 4. Generic Error |
Passes an invalid input error to the caller For 200 OK, it throws one of the following: 1. OLD_PASSWORD_INCORRECT 2. VIOLATE_POLICY_COMPLEXITY 3. VIOLATE_POLICY_HISTORY 4. USHER_SDK_ERROR |
|
6 |
OFF |
ON |
new |
new |
400 invalid input For change/reset password, this returns 400 invalid input. |
Passes an invalid input error to the caller |
Passes an invalid input error to the caller |
|
7 |
ON |
N/A |
old |
old |
N/A |
N/A |
N/A |
|
8 |
ON |
N/A |
old |
new |
N/A |
N/A |
N/A |
|
9 |
ON |
N/A |
new |
old |
New error code |
Passes an unknown error to the caller |
Passes an unknown error to the caller |
|
10 |
ON |
N/A |
new |
new |
New error code |
Maps to the new, specifically designed error |
Maps to the new, specifically designed error |
Expected behavior of API
|
Scenario Number |
Show Error Details Switch |
Server |
Expected Server Behavior |
|---|---|---|---|
|
1 |
OFF |
old |
Same error that occurs in versions 2020 and 2020 Update 2 |
|
2 |
OFF |
new |
Returns 400 invalid input
|
|
3 |
ON |
old |
N/A |
|
4 |
ON |
new |
New error code. No longer returns 200 OK. |