Customizing Authentication Error Messages¶
WSO2 Identity Server has standard error messages for different authentication errors that are encountered. See Error Codes and Descriptions for more information on the standard error codes and descriptions of those errors. There are three types of custom errors handled here:
- Invalid credentials
- Invalid User
- Account Lock
Note
Account Lock errors are returned only when account locking is enabled on the server. Refer User Account Locking and Account Disabling document to enable account locking.
Do the following to customize these error messages.
Add the following properties to the deployment.toml
file found in the <IS_HOME>/repository/conf
folder and enable the authenticator to be able to customize error messages.
[authentication.authenticator.basic.parameters]
showAuthFailureReason = true
The following query parameters are sent to the web application from authentication endpoint.
- errorCode
- failedUsername
- remainingAttempts
The error messages can be customized based on these query parameters in the jsp files as in authenticationendpoint/login.jsp