diff --git a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
index 65523046b..4ec94b2f6 100644
--- a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
+++ b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
@@ -11,6 +11,7 @@ use Combodo\iTop\Application\TwigBase\Controller\Controller;
 use Combodo\iTop\Core\Authentication\Client\OAuth\OAuthClientProviderFactory;
 use Dict;
 use IssueLog;
+use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
 use MetaModel;
 use utils;
 
@@ -64,13 +65,15 @@ class AjaxOauthClientController extends Controller
 			}
 			if (isset($aQuery['code'])) {
 				$sCode = $aQuery['code'];
-				$oAccessToken = OAuthClientProviderFactory::GetAccessTokenFromCode($oOAuthClient, $sCode);
-
-				$oOAuthClient->SetAccessToken($oAccessToken);
-
-
-
-				$aResult['status'] = 'success';
+				try {
+					$oAccessToken = OAuthClientProviderFactory::GetAccessTokenFromCode($oOAuthClient, $sCode);
+					$oOAuthClient->SetAccessToken($oAccessToken);
+					$aResult['status'] = 'success';
+				}
+				catch (IdentityProviderException $e) {
+					$aResult['status'] = 'error';
+					$aResult['error_description'] = $e->getMessage();
+				}
 			}
 		} else {
 			$aResult['status'] = 'error';
diff --git a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
index 66230eb3e..77006d436 100644
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
@@ -74,6 +74,7 @@ class OAuthClientProviderFactory
 	 * @return AccessTokenInterface
 	 * @throws \ArchivedObjectException
 	 * @throws \CoreException
+	 * @throws \League\OAuth2\Client\Provider\Exception\IdentityProviderException
 	 */
 	public static function GetAccessTokenFromCode(OAuthClient $oOAuthClient, $sCode)
 	{
@@ -109,7 +110,7 @@ class OAuthClientProviderFactory
 	/**
 	 * @param \DBObject $oOAuthClient
 	 *
-	 * @return mixed
+	 * @return OAuthClientProviderAbstract
 	 * @throws \ArchivedObjectException
 	 * @throws \CoreException
 	 */