• Error handling is integrated into the look and feel of a site.
  • Contact information and reporting procedures are provided that lead to problem resolution.
  • Errors resulting from correctable or avoidable user actions are presented in a fashion that leads to self-correction.

Federation software in most cases comes equipped with a default error handling experience that is limited in scope:

In short, out of the box error handling is functional and helpful for debugging, but is typically lacking in providing a professional and appropriate experience for users of an IdP or SP.

Before moving to a production state, deployers should take steps to address these deficiencies. Obvious steps include:

A less obvious, but important, step is to explore different error conditions in your federating software and/or application; consider what problems are likely to recur in production and how users ought to be advised to proceed. For example, consider how bookmarks of various kinds, or the use of the back button, influences the user experience. Turn those otherwise useless messages into a straightforward warning about these features.

The hand-off between SPs and IdPs within a federation can result in user confusion when errors occur. See Federated Error Handling for ways to address this.

Finally, translate overly technical messages into customized responses in plain language that lead users to solutions; most software will provide the capability to do this. Even if error message testing breaks after upgrades, a deployment is no worse off for having improved the experience in the meantime.