Auth Exceptions

The Auth namespace contains some exception classes.

All exception classes support built-in methods for returning the error message and exception type. See Exception Class and Built-In Exceptions.

The Auth namespace contains the following exception.

Exception Description Methods
Auth.​AuthProviderPluginException Throw this exception to indicate that an error occurred when using the auth provider plug-in. Use to display a custom error message to the user. To get the error message and write it to debug log, use the String getMessage().
Auth.​ConnectedAppPlugin​Exception Throw this exception to indicate that an error occurred while running the custom behavior for a connected app. To get the error message and write it to debug log, use the String getMessage().
Auth.JWTBearerTokenExchange.​JWTBearerTokenExchangeException​ Throw this exception to indicate a problem with the response from the token endpoint in the JWTBearerTokenExchange class. This exception occurs when the HTTP response during the OAuth 2.0 JWT bearer token flow:
  • Fails to return an access token.
  • Is not in JSON format.
  • Returns a response code other than a 200 “OK” success code.
To get the error message and write it to debug log, use the String getMessage().
Auth.VerificationException Throw this exception to trigger verification based on the passed-in policy. You can throw this exception in an Apex trigger or Visualforce controller. The system automatically sends you to the verification endpoint, if possible.
Note

Note

After you throw this exception, you cannot catch it. The exception immediately triggers the verification.

Not applicable

Examples

This example uses AuthProviderPluginException to throw a custom error message on any method in a custom authentication provider implementation. Use this exception if you want the end user to see a specific message, passing in the error message as a parameter. If you use another exception, users see a standard Salesforce error message.

global override Auth.OAuthRefreshResult refresh(Map<string,string> authProviderConfiguration,String refreshToken){
            HttpRequest req = new HttpRequest();
            String accessToken = null;
            String error  = null;
            try {
            
            // DEVELOPER TODO: Make a refresh token flow using refreshToken passed 
            // in as an argument to get the new access token
            // accessToken = ... 
            } catch (System.CalloutException e) {
            error = e.getMessage();
            }
            catch(Exception e) {
            error = e.getMessage();
            throw new Auth.AuthProviderPluginException('My custom error');
            }
            
            return new Auth.OAuthRefreshResult(accessToken,refreshToken, error);                
            }

This example uses Auth.VerificationException to trigger verification if a user attempts to create an account without a high assurance session.

trigger testTrigger on Account (before insert) {
    Map<String, String> sessionMap = auth.SessionManagement.getCurrentSession();
    if(!sessionMap.get('SessionSecurityLevel').equals('HIGH_ASSURANCE')) {
        throw new Auth.VerificationException(
            Auth.VerificationPolicy.HIGH_ASSURANCE, 'Insert Account');
    }
}