Dear forum,

I am trying to find a way to stop the flow of a OIDC kickoff inside an Advanced-Mapping-Rule with a user-friendly error, by redirecting to a specific error page.

I've tried throwing many exceptions from OAuthMappingExtUtils and IDMappingExtUtils, but the result is always a 500 exception. There is no control over the user experience.

At least what I'd expect is a way to trigger one of the runtime error templates usually triggered in all other OIDC flows. In there it is possible to customize the behavior. However, I did not find a way to trigger the templates.

A hack that we found is to trick the runtime to think that this is a successful request and override the authorization url to the error page. But this redirection requires all parameters of successful authorization request (redirect_uri, request_type...), which are not desired on the error redirection.

Weirdly enough, if any of the mandatory parameters are not supplied, then internal processing of runtime stops the flow with an internal error, and DOES trigger the OIDC runtime error page. The misalignment of the exception handling behaviors perplexes me very much.

I'd appreciate some insights if there are additional ways how to handle error flows in Advanced mapping rules, and how a redirection could be achieved.

Thank you vary much in advanced for help.

Best,
Dean