HSBC STA02 errors - refresh token

Description

we are getting an error response from HSBC but this doesn’t read correctly and is getting rejected by TMS and ends up with us getting STA02 error on BMB.

To alleviate this, HSBC need to edit the error (see below) for the refresh token request. If they add the word ‘error’ to the their response, this should fix things. It is a simple fix, but we need this addressed urgently as it is the reason HSBC remain turned off on BMB.

Here is the change they need to make…..

HTTP Status Code 400
{“error”:”invalid_grant”}

Currently we don’t see the word ‘error’ in the response for a refresh token from HSBC

To put this into LOG text, this is what HSBC send :
[2019-04-17 15:11:42.343] [tknmgmtsapi-a-3-477cg] [ERROR] [com.barclays.ob.tms.oauth.impl.TokenServiceImpl] [{Correlation-ID=95d23d73e15942dfba4c193d5f557af0}] - Refresh User Token request not successful Status Code 400, Response body { "status" : "400" , "title" : "Unauthorized" , "description" : "Privacy verification failed - Refresh Token Expired" }

Where the highlighted ‘Status’ : ’400’ above needs the word ‘error’ added.

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-8303

ASPSP

Query Type

None

TPP Impact

Medium

TPP

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure