From dfc57bff56935e214008abe14c5c0031f43951b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?= <kevinchalet@gmail.com>
Date: Mon, 30 Nov 2020 16:58:41 +0100
Subject: [PATCH] Add an error_uri to all the errors returned by OpenIddict

---
 .../OpenIddictResources.resx                  |   5 +-
 .../OpenIddictQuartzConfiguration.cs          |   4 +-
 ...ServerAspNetCoreHandlers.Authentication.cs |   6 +-
 ...nIddictServerAspNetCoreHandlers.Session.cs |   6 +-
 .../OpenIddictServerAspNetCoreHandlers.cs     |  39 ++++--
 .../OpenIddictServerDataProtectionHandlers.cs |   3 +-
 ...IddictServerOwinHandlers.Authentication.cs |   6 +-
 .../OpenIddictServerOwinHandlers.Session.cs   |   6 +-
 .../OpenIddictServerOwinHandlers.cs           |  39 ++++--
 ...OpenIddictServerHandlers.Authentication.cs | 108 ++++++++++-----
 .../OpenIddictServerHandlers.Device.cs        |  33 +++--
 .../OpenIddictServerHandlers.Exchange.cs      |  94 ++++++++-----
 .../OpenIddictServerHandlers.Introspection.cs |  30 +++--
 .../OpenIddictServerHandlers.Revocation.cs    |  39 ++++--
 .../OpenIddictServerHandlers.Session.cs       |   9 +-
 .../OpenIddictServerHandlers.Userinfo.cs      |   3 +-
 .../OpenIddictServerHandlers.cs               | 124 +++++++++++++++++-
 .../OpenIddictValidationAspNetCoreHandlers.cs |   6 +-
 ...nIddictValidationDataProtectionHandlers.cs |   3 +-
 .../OpenIddictValidationOwinHandlers.cs       |   6 +-
 .../OpenIddictValidationHandlers.Discovery.cs |  30 +++--
 ...nIddictValidationHandlers.Introspection.cs |  18 ++-
 .../OpenIddictValidationHandlers.cs           |  40 ++++--
 ...nIddictServerAspNetCoreIntegrationTests.cs |   1 +
 ...ctServerIntegrationTests.Authentication.cs |  38 ++++++
 ...OpenIddictServerIntegrationTests.Device.cs |  13 ++
 ...nIddictServerIntegrationTests.Discovery.cs |   2 +
 ...enIddictServerIntegrationTests.Exchange.cs |  52 ++++++++
 ...ictServerIntegrationTests.Introspection.cs |  16 +++
 ...IddictServerIntegrationTests.Revocation.cs |  13 ++
 ...penIddictServerIntegrationTests.Session.cs |   4 +
 ...enIddictServerIntegrationTests.Userinfo.cs |   3 +
 .../OpenIddictServerIntegrationTests.cs       |   6 +-
 .../OpenIddictServerOwinIntegrationTests.cs   |   1 +
 34 files changed, 627 insertions(+), 179 deletions(-)

diff --git a/src/OpenIddict.Abstractions/OpenIddictResources.resx b/src/OpenIddict.Abstractions/OpenIddictResources.resx
index cd3f000f..4518f130 100644
--- a/src/OpenIddict.Abstractions/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@@ -2048,9 +2048,12 @@ This may indicate that the hashed entry is corrupted or malformed.</value>
     <value>The device request was rejected because the application '{ClientId}' was not allowed to request the '{Scope}' scope.</value>
   </data>
   <data name="ID8000" xml:space="preserve">
-    <value>Removes orphaned tokens and authorizations from the database.</value>
+    <value>https://documentation.openiddict.com/errors/{0}</value>
   </data>
   <data name="ID8001" xml:space="preserve">
+    <value>Removes orphaned tokens and authorizations from the database.</value>
+  </data>
+  <data name="ID8002" xml:space="preserve">
     <value>Starts the scheduled task at regular intervals.</value>
   </data>
 </root>
\ No newline at end of file
diff --git a/src/OpenIddict.Quartz/OpenIddictQuartzConfiguration.cs b/src/OpenIddict.Quartz/OpenIddictQuartzConfiguration.cs
index abd12daa..943e6d2c 100644
--- a/src/OpenIddict.Quartz/OpenIddictQuartzConfiguration.cs
+++ b/src/OpenIddict.Quartz/OpenIddictQuartzConfiguration.cs
@@ -28,7 +28,7 @@ namespace OpenIddict.Quartz
             {
                 builder.StoreDurably()
                        .WithIdentity(OpenIddictQuartzJob.Identity)
-                       .WithDescription(SR.GetResourceString(SR.ID8000));
+                       .WithDescription(SR.GetResourceString(SR.ID8001));
             });
 
             options.AddTrigger(builder =>
@@ -38,7 +38,7 @@ namespace OpenIddict.Quartz
                 // to fire 2 minutes after the application starts to ensure it's executed at least once.
                 builder.ForJob(OpenIddictQuartzJob.Identity)
                        .WithSimpleSchedule(options => options.WithIntervalInHours(1).RepeatForever())
-                       .WithDescription(SR.GetResourceString(SR.ID8001))
+                       .WithDescription(SR.GetResourceString(SR.ID8002))
                        .StartAt(DateBuilder.FutureDate(2, IntervalUnit.Minute));
             });
         }
diff --git a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs
index 3148fcc5..b6a6bfce 100644
--- a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs
+++ b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs
@@ -114,7 +114,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -131,7 +132,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs
index 6e37dab9..57ac7bf8 100644
--- a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs
+++ b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs
@@ -112,7 +112,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -129,7 +130,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs
index 9424d36b..9e40072b 100644
--- a/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs
+++ b/src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs
@@ -213,7 +213,8 @@ namespace OpenIddict.Server.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2081(HeaderNames.Host));
+                        description: SR.FormatID2081(HeaderNames.Host),
+                        uri: SR.FormatID8000(SR.ID2081));
 
                     return default;
                 }
@@ -223,7 +224,8 @@ namespace OpenIddict.Server.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2082(HeaderNames.Host));
+                        description: SR.FormatID2082(HeaderNames.Host),
+                        uri: SR.FormatID8000(SR.ID2082));
 
                     return default;
                 }
@@ -279,7 +281,8 @@ namespace OpenIddict.Server.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2083));
+                        description: SR.GetResourceString(SR.ID2083),
+                        uri: SR.FormatID8000(SR.ID2083));
 
                     return default;
                 }
@@ -424,7 +427,8 @@ namespace OpenIddict.Server.AspNetCore
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return default;
                 }
@@ -480,7 +484,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2081(HeaderNames.ContentType));
+                            description: SR.FormatID2081(HeaderNames.ContentType),
+                            uri: SR.FormatID8000(SR.ID2081));
 
                         return;
                     }
@@ -492,7 +497,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2082(HeaderNames.ContentType));
+                            description: SR.FormatID2082(HeaderNames.ContentType),
+                            uri: SR.FormatID8000(SR.ID2082));
 
                         return;
                     }
@@ -506,7 +512,8 @@ namespace OpenIddict.Server.AspNetCore
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return;
                 }
@@ -555,7 +562,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2081(HeaderNames.ContentType));
+                            description: SR.FormatID2081(HeaderNames.ContentType),
+                            uri: SR.FormatID8000(SR.ID2081));
 
                         return;
                     }
@@ -567,7 +575,8 @@ namespace OpenIddict.Server.AspNetCore
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2082(HeaderNames.ContentType));
+                            description: SR.FormatID2082(HeaderNames.ContentType),
+                            uri: SR.FormatID8000(SR.ID2082));
 
                         return;
                     }
@@ -581,7 +590,8 @@ namespace OpenIddict.Server.AspNetCore
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return;
                 }
@@ -639,7 +649,8 @@ namespace OpenIddict.Server.AspNetCore
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2087));
+                        description: SR.GetResourceString(SR.ID2087),
+                        uri: SR.FormatID8000(SR.ID2087));
 
                     return default;
                 }
@@ -654,7 +665,8 @@ namespace OpenIddict.Server.AspNetCore
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return default;
                     }
@@ -670,7 +682,8 @@ namespace OpenIddict.Server.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2055));
+                        description: SR.GetResourceString(SR.ID2055),
+                        uri: SR.FormatID8000(SR.ID2055));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.cs b/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.cs
index d94f26f9..72d21610 100644
--- a/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.cs
+++ b/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.cs
@@ -102,7 +102,8 @@ namespace OpenIddict.Server.DataProtection
                             OpenIddictServerEndpointType.Token => Errors.InvalidGrant,
                             _                                  => Errors.InvalidToken
                         },
-                        description: SR.GetResourceString(SR.ID2004));
+                        description: SR.GetResourceString(SR.ID2004),
+                        uri: SR.FormatID8000(SR.ID2004));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs
index d672e493..b2987c35 100644
--- a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs
+++ b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs
@@ -113,7 +113,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -130,7 +131,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Session.cs b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Session.cs
index fd013426..3b346758 100644
--- a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Session.cs
+++ b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Session.cs
@@ -111,7 +111,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -128,7 +129,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.RequestId));
+                            description: SR.FormatID2052(Parameters.RequestId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.cs b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.cs
index 12b4d16e..54f07242 100644
--- a/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.cs
+++ b/src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.cs
@@ -202,7 +202,8 @@ namespace OpenIddict.Server.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2081(Headers.Host));
+                        description: SR.FormatID2081(Headers.Host),
+                        uri: SR.FormatID8000(SR.ID2081));
 
                     return default;
                 }
@@ -212,7 +213,8 @@ namespace OpenIddict.Server.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2082(Headers.Host));
+                        description: SR.FormatID2082(Headers.Host),
+                        uri: SR.FormatID8000(SR.ID2082));
 
                     return default;
                 }
@@ -268,7 +270,8 @@ namespace OpenIddict.Server.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2083));
+                        description: SR.GetResourceString(SR.ID2083),
+                        uri: SR.FormatID8000(SR.ID2083));
 
                     return default;
                 }
@@ -362,7 +365,8 @@ namespace OpenIddict.Server.Owin
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return default;
                 }
@@ -418,7 +422,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2081(Headers.ContentType));
+                            description: SR.FormatID2081(Headers.ContentType),
+                            uri: SR.FormatID8000(SR.ID2081));
 
                         return;
                     }
@@ -430,7 +435,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2082(Headers.ContentType));
+                            description: SR.FormatID2082(Headers.ContentType),
+                            uri: SR.FormatID8000(SR.ID2082));
 
                         return;
                     }
@@ -444,7 +450,8 @@ namespace OpenIddict.Server.Owin
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return;
                 }
@@ -493,7 +500,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2081(Headers.ContentType));
+                            description: SR.FormatID2081(Headers.ContentType),
+                            uri: SR.FormatID8000(SR.ID2081));
 
                         return;
                     }
@@ -505,7 +513,8 @@ namespace OpenIddict.Server.Owin
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2082(Headers.ContentType));
+                            description: SR.FormatID2082(Headers.ContentType),
+                            uri: SR.FormatID8000(SR.ID2082));
 
                         return;
                     }
@@ -519,7 +528,8 @@ namespace OpenIddict.Server.Owin
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2084));
+                        description: SR.GetResourceString(SR.ID2084),
+                        uri: SR.FormatID8000(SR.ID2084));
 
                     return;
                 }
@@ -577,7 +587,8 @@ namespace OpenIddict.Server.Owin
 
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2087));
+                        description: SR.GetResourceString(SR.ID2087),
+                        uri: SR.FormatID8000(SR.ID2087));
 
                     return default;
                 }
@@ -592,7 +603,8 @@ namespace OpenIddict.Server.Owin
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return default;
                     }
@@ -608,7 +620,8 @@ namespace OpenIddict.Server.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2055));
+                        description: SR.GetResourceString(SR.ID2055),
+                        uri: SR.FormatID8000(SR.ID2055));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
index 66f3c3a3..42ba9361 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
@@ -362,7 +362,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.RequestNotSupported,
-                            description: SR.FormatID2028(Parameters.Request));
+                            description: SR.FormatID2028(Parameters.Request),
+                            uri: SR.FormatID8000(SR.ID2028));
 
                         return default;
                     }
@@ -401,7 +402,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.RequestUriNotSupported,
-                            description: SR.FormatID2028(Parameters.RequestUri));
+                            description: SR.FormatID2028(Parameters.RequestUri),
+                            uri: SR.FormatID8000(SR.ID2028));
 
                         return default;
                     }
@@ -441,7 +443,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.ClientId));
+                            description: SR.FormatID2029(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -486,7 +489,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.FormatID2029(Parameters.RedirectUri));
+                                description: SR.FormatID2029(Parameters.RedirectUri),
+                                uri: SR.FormatID8000(SR.ID2029));
 
                             return default;
                         }
@@ -508,7 +512,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2030(Parameters.RedirectUri));
+                            description: SR.FormatID2030(Parameters.RedirectUri),
+                            uri: SR.FormatID8000(SR.ID2030));
 
                         return default;
                     }
@@ -522,7 +527,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2031(Parameters.RedirectUri));
+                            description: SR.FormatID2031(Parameters.RedirectUri),
+                            uri: SR.FormatID8000(SR.ID2031));
 
                         return default;
                     }
@@ -561,7 +567,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.ResponseType));
+                            description: SR.FormatID2029(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -573,7 +580,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedResponseType,
-                            description: SR.FormatID2032(Parameters.ResponseType));
+                            description: SR.FormatID2032(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -585,7 +593,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedResponseType,
-                            description: SR.FormatID2032(Parameters.ResponseType));
+                            description: SR.FormatID2032(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -598,7 +607,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedResponseType,
-                            description: SR.FormatID2032(Parameters.ResponseType));
+                            description: SR.FormatID2032(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -612,7 +622,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedResponseType,
-                            description: SR.FormatID2032(Parameters.ResponseType));
+                            description: SR.FormatID2032(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -654,7 +665,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2033(Parameters.ResponseType, Parameters.ResponseMode));
+                            description: SR.FormatID2033(Parameters.ResponseType, Parameters.ResponseMode),
+                            uri: SR.FormatID8000(SR.ID2033));
 
                         return default;
                     }
@@ -667,7 +679,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2032(Parameters.ResponseMode));
+                            description: SR.FormatID2032(Parameters.ResponseMode),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -731,7 +744,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2034(Scopes.OpenId));
+                            description: SR.FormatID2034(Scopes.OpenId),
+                            uri: SR.FormatID8000(SR.ID2034));
 
                         return default;
                     }
@@ -741,7 +755,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2035(Scopes.OfflineAccess));
+                            description: SR.FormatID2035(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2035));
 
                         return default;
                     }
@@ -789,7 +804,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.Nonce));
+                            description: SR.FormatID2029(Parameters.Nonce),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -830,7 +846,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.Prompt));
+                            description: SR.FormatID2052(Parameters.Prompt),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return default;
                     }
@@ -872,7 +889,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.CodeChallenge));
+                            description: SR.FormatID2029(Parameters.CodeChallenge),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -892,7 +910,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2037(Parameters.CodeChallengeMethod, Parameters.CodeChallenge));
+                            description: SR.FormatID2037(Parameters.CodeChallengeMethod, Parameters.CodeChallenge),
+                            uri: SR.FormatID8000(SR.ID2037));
 
                         return default;
                     }
@@ -906,7 +925,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.CodeChallengeMethod));
+                            description: SR.FormatID2029(Parameters.CodeChallengeMethod),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -919,7 +939,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2032(Parameters.CodeChallengeMethod));
+                            description: SR.FormatID2032(Parameters.CodeChallengeMethod),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -931,7 +952,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2040(Parameters.CodeChallenge, Parameters.CodeChallengeMethod, ResponseTypes.Code));
+                            description: SR.FormatID2040(Parameters.CodeChallenge, Parameters.CodeChallengeMethod, ResponseTypes.Code),
+                            uri: SR.FormatID8000(SR.ID2040));
 
                         return default;
                     }
@@ -943,7 +965,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2041(Parameters.ResponseType));
+                            description: SR.FormatID2041(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2041));
 
                         return default;
                     }
@@ -993,7 +1016,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.ClientId));
+                            description: SR.FormatID2052(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -1059,7 +1083,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.FormatID2043(Parameters.ResponseType));
+                            description: SR.FormatID2043(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2043));
 
                         return;
                     }
@@ -1117,7 +1142,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.FormatID2029(Parameters.RedirectUri));
+                                description: SR.FormatID2029(Parameters.RedirectUri),
+                                uri: SR.FormatID8000(SR.ID2029));
 
                             return;
                         }
@@ -1134,7 +1160,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2043(Parameters.RedirectUri));
+                            description: SR.FormatID2043(Parameters.RedirectUri),
+                            uri: SR.FormatID8000(SR.ID2043));
 
                         return;
                     }
@@ -1212,7 +1239,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidScope,
-                            description: SR.FormatID2052(Parameters.Scope));
+                            description: SR.FormatID2052(Parameters.Scope),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -1267,7 +1295,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2046));
+                            description: SR.GetResourceString(SR.ID2046),
+                            uri: SR.FormatID8000(SR.ID2046));
 
                         return;
                     }
@@ -1323,7 +1352,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2047));
+                            description: SR.GetResourceString(SR.ID2047),
+                            uri: SR.FormatID8000(SR.ID2047));
 
                         return;
                     }
@@ -1336,7 +1366,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2048));
+                            description: SR.GetResourceString(SR.ID2048),
+                            uri: SR.FormatID8000(SR.ID2048));
 
                         return;
                     }
@@ -1350,7 +1381,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2049));
+                            description: SR.GetResourceString(SR.ID2049),
+                            uri: SR.FormatID8000(SR.ID2049));
 
                         return;
                     }
@@ -1364,7 +1396,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2065(Scopes.OfflineAccess));
+                            description: SR.FormatID2065(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2065));
 
                         return;
                     }
@@ -1419,7 +1452,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.FormatID2043(Parameters.ResponseType));
+                            description: SR.FormatID2043(Parameters.ResponseType),
+                            uri: SR.FormatID8000(SR.ID2043));
 
                         return;
                     }
@@ -1510,7 +1544,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.GetResourceString(SR.ID2051));
+                                description: SR.GetResourceString(SR.ID2051),
+                                uri: SR.FormatID8000(SR.ID2051));
 
                             return;
                         }
@@ -1572,7 +1607,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2054(Parameters.CodeChallenge));
+                            description: SR.FormatID2054(Parameters.CodeChallenge),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs
index d5c78349..33fd5865 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs
@@ -357,7 +357,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2029(Parameters.ClientId));
+                            description: SR.FormatID2029(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -394,7 +395,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2035(Scopes.OfflineAccess));
+                            description: SR.FormatID2035(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2035));
 
                         return default;
                     }
@@ -474,7 +476,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidScope,
-                            description: SR.FormatID2052(Parameters.Scope));
+                            description: SR.FormatID2052(Parameters.Scope),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -525,7 +528,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2052(Parameters.ClientId));
+                            description: SR.FormatID2052(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -583,7 +587,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidClient,
-                                description: SR.FormatID2053(Parameters.ClientSecret));
+                                description: SR.FormatID2053(Parameters.ClientSecret),
+                                uri: SR.FormatID8000(SR.ID2053));
 
                             return;
                         }
@@ -598,7 +603,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2054(Parameters.ClientSecret));
+                            description: SR.FormatID2054(Parameters.ClientSecret),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
@@ -660,7 +666,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return;
                     }
@@ -717,7 +724,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2056));
+                            description: SR.GetResourceString(SR.ID2056),
+                            uri: SR.FormatID8000(SR.ID2056));
 
                         return;
                     }
@@ -772,7 +780,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2121));
+                            description: SR.GetResourceString(SR.ID2121),
+                            uri: SR.FormatID8000(SR.ID2121));
 
                         return;
                     }
@@ -786,7 +795,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2065(Scopes.OfflineAccess));
+                            description: SR.FormatID2065(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2065));
 
                         return;
                     }
@@ -852,7 +862,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.GetResourceString(SR.ID2051));
+                                description: SR.GetResourceString(SR.ID2051),
+                                uri: SR.FormatID8000(SR.ID2051));
 
                             return;
                         }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs
index e29a4341..937c51ad 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs
@@ -364,7 +364,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.GrantType));
+                            description: SR.FormatID2029(Parameters.GrantType),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -376,7 +377,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedGrantType,
-                            description: SR.FormatID2032(Parameters.GrantType));
+                            description: SR.FormatID2032(Parameters.GrantType),
+                            uri: SR.FormatID8000(SR.ID2032));
 
                         return default;
                     }
@@ -387,7 +389,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2035(Scopes.OfflineAccess));
+                            description: SR.FormatID2035(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2035));
 
                         return default;
                     }
@@ -435,7 +438,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2029(Parameters.ClientId));
+                            description: SR.FormatID2029(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -476,7 +480,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.Code));
+                            description: SR.FormatID2029(Parameters.Code),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -516,7 +521,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2057(Parameters.ClientId, Parameters.ClientSecret));
+                            description: SR.FormatID2057(Parameters.ClientId, Parameters.ClientSecret),
+                            uri: SR.FormatID8000(SR.ID2057));
 
                         return default;
                     }
@@ -555,7 +561,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2058(Parameters.DeviceCode));
+                            description: SR.FormatID2058(Parameters.DeviceCode),
+                            uri: SR.FormatID8000(SR.ID2058));
 
                         return default;
                     }
@@ -596,7 +603,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.RefreshToken));
+                            description: SR.FormatID2029(Parameters.RefreshToken),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -638,7 +646,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2059(Parameters.Username, Parameters.Password));
+                            description: SR.FormatID2059(Parameters.Username, Parameters.Password),
+                            uri: SR.FormatID8000(SR.ID2059));
 
                         return default;
                     }
@@ -685,7 +694,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.CodeVerifier));
+                            description: SR.FormatID2029(Parameters.CodeVerifier),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -765,7 +775,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidScope,
-                            description: SR.FormatID2052(Parameters.Scope));
+                            description: SR.FormatID2052(Parameters.Scope),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -816,7 +827,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2052(Parameters.ClientId));
+                            description: SR.FormatID2052(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -874,7 +886,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.UnauthorizedClient,
-                                description: SR.FormatID2043(Parameters.GrantType));
+                                description: SR.FormatID2043(Parameters.GrantType),
+                                uri: SR.FormatID8000(SR.ID2043));
 
                             return;
                         }
@@ -886,7 +899,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidClient,
-                                description: SR.FormatID2053(Parameters.ClientSecret));
+                                description: SR.FormatID2053(Parameters.ClientSecret),
+                                uri: SR.FormatID8000(SR.ID2053));
 
                             return;
                         }
@@ -901,7 +915,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2054(Parameters.ClientSecret));
+                            description: SR.FormatID2054(Parameters.ClientSecret),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
@@ -963,7 +978,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return;
                     }
@@ -1020,7 +1036,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2063));
+                            description: SR.GetResourceString(SR.ID2063),
+                            uri: SR.FormatID8000(SR.ID2063));
 
                         return;
                     }
@@ -1077,7 +1094,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2064));
+                            description: SR.GetResourceString(SR.ID2064),
+                            uri: SR.FormatID8000(SR.ID2064));
 
                         return;
                     }
@@ -1091,7 +1109,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2065(Scopes.OfflineAccess));
+                            description: SR.FormatID2065(Scopes.OfflineAccess),
+                            uri: SR.FormatID8000(SR.ID2065));
 
                         return;
                     }
@@ -1157,7 +1176,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.GetResourceString(SR.ID2051));
+                                description: SR.GetResourceString(SR.ID2051),
+                                uri: SR.FormatID8000(SR.ID2051));
 
                             return;
                         }
@@ -1225,7 +1245,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2054(Parameters.CodeVerifier));
+                            description: SR.FormatID2054(Parameters.CodeVerifier),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
@@ -1362,7 +1383,10 @@ namespace OpenIddict.Server
                             error: Errors.InvalidGrant,
                             description: context.Request.IsAuthorizationCodeGrantType() ? SR.GetResourceString(SR.ID2066) :
                                          context.Request.IsDeviceCodeGrantType()        ? SR.GetResourceString(SR.ID2067) :
-                                                                                          SR.GetResourceString(SR.ID2068));
+                                                                                          SR.GetResourceString(SR.ID2068),
+                            uri: context.Request.IsAuthorizationCodeGrantType() ? SR.FormatID8000(SR.ID2066) :
+                                 context.Request.IsDeviceCodeGrantType()        ? SR.FormatID8000(SR.ID2067) :
+                                                                                  SR.FormatID8000(SR.ID2068));
 
                         return default;
                     }
@@ -1379,7 +1403,10 @@ namespace OpenIddict.Server
                             error: Errors.InvalidGrant,
                             description: context.Request.IsAuthorizationCodeGrantType() ? SR.GetResourceString(SR.ID2069) :
                                          context.Request.IsDeviceCodeGrantType()        ? SR.GetResourceString(SR.ID2070) :
-                                                                                          SR.GetResourceString(SR.ID2071));
+                                                                                          SR.GetResourceString(SR.ID2071),
+                            uri: context.Request.IsAuthorizationCodeGrantType() ? SR.FormatID8000(SR.ID2069) :
+                                 context.Request.IsDeviceCodeGrantType()        ? SR.FormatID8000(SR.ID2070) :
+                                                                                  SR.FormatID8000(SR.ID2071));
 
                         return default;
                     }
@@ -1437,7 +1464,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.RedirectUri));
+                            description: SR.FormatID2029(Parameters.RedirectUri),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -1448,7 +1476,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidGrant,
-                            description: SR.FormatID2072(Parameters.RedirectUri));
+                            description: SR.FormatID2072(Parameters.RedirectUri),
+                            uri: SR.FormatID8000(SR.ID2072));
 
                         return default;
                     }
@@ -1504,7 +1533,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidRequest,
-                                description: SR.FormatID2073(Parameters.CodeVerifier, Parameters.CodeChallenge));
+                                description: SR.FormatID2073(Parameters.CodeVerifier, Parameters.CodeChallenge),
+                                uri: SR.FormatID8000(SR.ID2073));
 
                             return default;
                         }
@@ -1519,7 +1549,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.CodeVerifier));
+                            description: SR.FormatID2029(Parameters.CodeVerifier),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -1563,7 +1594,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidGrant,
-                            description: SR.FormatID2052(Parameters.CodeVerifier));
+                            description: SR.FormatID2052(Parameters.CodeVerifier),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return default;
                     }
@@ -1618,7 +1650,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidGrant,
-                            description: SR.FormatID2074(Parameters.Scope));
+                            description: SR.FormatID2074(Parameters.Scope),
+                            uri: SR.FormatID8000(SR.ID2074));
 
                         return default;
                     }
@@ -1633,7 +1666,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidGrant,
-                            description: SR.FormatID2052(Parameters.Scope));
+                            description: SR.FormatID2052(Parameters.Scope),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return default;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
index 6d537a97..134c6e2b 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
@@ -371,7 +371,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.Token));
+                            description: SR.FormatID2029(Parameters.Token),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -410,7 +411,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2029(Parameters.ClientId));
+                            description: SR.FormatID2029(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -463,7 +465,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2052(Parameters.ClientId));
+                            description: SR.FormatID2052(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -521,7 +524,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidClient,
-                                description: SR.FormatID2053(Parameters.ClientSecret));
+                                description: SR.FormatID2053(Parameters.ClientSecret),
+                                uri: SR.FormatID8000(SR.ID2053));
 
                             return;
                         }
@@ -536,7 +540,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2054(Parameters.ClientSecret));
+                            description: SR.FormatID2054(Parameters.ClientSecret),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
@@ -598,7 +603,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return;
                     }
@@ -655,7 +661,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2075));
+                            description: SR.GetResourceString(SR.ID2075),
+                            uri: SR.FormatID8000(SR.ID2075));
 
                         return;
                     }
@@ -751,7 +758,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedTokenType,
-                            description: SR.GetResourceString(SR.ID2076));
+                            description: SR.GetResourceString(SR.ID2076),
+                            uri: SR.FormatID8000(SR.ID2076));
 
                         return default;
                     }
@@ -803,7 +811,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2077));
+                            description: SR.GetResourceString(SR.ID2077),
+                            uri: SR.FormatID8000(SR.ID2077));
 
                         return default;
                     }
@@ -819,7 +828,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2077));
+                            description: SR.GetResourceString(SR.ID2077),
+                            uri: SR.FormatID8000(SR.ID2077));
 
                         return default;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
index 4f7ee927..895e3361 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
@@ -314,7 +314,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2029(Parameters.Token));
+                            description: SR.FormatID2029(Parameters.Token),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -353,7 +354,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2029(Parameters.ClientId));
+                            description: SR.FormatID2029(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
@@ -406,7 +408,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2052(Parameters.ClientId));
+                            description: SR.FormatID2052(Parameters.ClientId),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
@@ -464,7 +467,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.InvalidClient,
-                                description: SR.FormatID2053(Parameters.ClientSecret));
+                                description: SR.FormatID2053(Parameters.ClientSecret),
+                                uri: SR.FormatID8000(SR.ID2053));
 
                             return;
                         }
@@ -479,7 +483,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.FormatID2054(Parameters.ClientSecret));
+                            description: SR.FormatID2054(Parameters.ClientSecret),
+                            uri: SR.FormatID8000(SR.ID2054));
 
                         return;
                     }
@@ -541,7 +546,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidClient,
-                            description: SR.GetResourceString(SR.ID2055));
+                            description: SR.GetResourceString(SR.ID2055),
+                            uri: SR.FormatID8000(SR.ID2055));
 
                         return;
                     }
@@ -598,7 +604,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnauthorizedClient,
-                            description: SR.GetResourceString(SR.ID2078));
+                            description: SR.GetResourceString(SR.ID2078),
+                            uri: SR.FormatID8000(SR.ID2078));
 
                         return;
                     }
@@ -694,7 +701,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedTokenType,
-                            description: SR.GetResourceString(SR.ID2079));
+                            description: SR.GetResourceString(SR.ID2079),
+                            uri: SR.FormatID8000(SR.ID2079));
 
                         return default;
                     }
@@ -746,7 +754,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2080));
+                            description: SR.GetResourceString(SR.ID2080),
+                            uri: SR.FormatID8000(SR.ID2080));
 
                         return default;
                     }
@@ -762,7 +771,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2080));
+                            description: SR.GetResourceString(SR.ID2080),
+                            uri: SR.FormatID8000(SR.ID2080));
 
                         return default;
                     }
@@ -847,7 +857,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.UnsupportedTokenType,
-                            description: SR.GetResourceString(SR.ID2079));
+                            description: SR.GetResourceString(SR.ID2079),
+                            uri: SR.FormatID8000(SR.ID2079));
 
                         return;
                     }
@@ -859,7 +870,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2004));
+                            description: SR.GetResourceString(SR.ID2004),
+                            uri: SR.FormatID8000(SR.ID2004));
 
                         return;
                     }
@@ -869,7 +881,8 @@ namespace OpenIddict.Server
                     {
                         context.Reject(
                             error: Errors.UnsupportedTokenType,
-                            description: SR.GetResourceString(SR.ID2079));
+                            description: SR.GetResourceString(SR.ID2079),
+                            uri: SR.FormatID8000(SR.ID2079));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs
index b1bde8f8..4c90992d 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs
@@ -338,7 +338,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2030(Parameters.PostLogoutRedirectUri));
+                            description: SR.FormatID2030(Parameters.PostLogoutRedirectUri),
+                            uri: SR.FormatID8000(SR.ID2030));
 
                         return default;
                     }
@@ -349,7 +350,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2031(Parameters.PostLogoutRedirectUri));
+                            description: SR.FormatID2031(Parameters.PostLogoutRedirectUri),
+                            uri: SR.FormatID8000(SR.ID2031));
 
                         return default;
                     }
@@ -399,7 +401,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.InvalidRequest,
-                            description: SR.FormatID2052(Parameters.PostLogoutRedirectUri));
+                            description: SR.FormatID2052(Parameters.PostLogoutRedirectUri),
+                            uri: SR.FormatID8000(SR.ID2052));
 
                         return;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs
index 5b18ecd1..a882e764 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs
@@ -339,7 +339,8 @@ namespace OpenIddict.Server
 
                         context.Reject(
                             error: Errors.MissingToken,
-                            description: SR.FormatID2029(Parameters.AccessToken));
+                            description: SR.FormatID2029(Parameters.AccessToken),
+                            uri: SR.FormatID8000(SR.ID2029));
 
                         return default;
                     }
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.cs
index cc637313..7bef88c1 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.cs
@@ -213,7 +213,8 @@ namespace OpenIddict.Server
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.GetResourceString(SR.ID2000));
+                        description: SR.GetResourceString(SR.ID2000),
+                        uri: SR.FormatID8000(SR.ID2000));
 
                     return default;
                 }
@@ -345,6 +346,17 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2003),
 
                             _ => SR.GetResourceString(SR.ID2004)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2001),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2002),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2003),
+
+                            _ => SR.FormatID8000(SR.ID2004),
                         });
 
                     return;
@@ -472,6 +484,30 @@ namespace OpenIddict.Server
                             SecurityTokenInvalidSignatureException     => SR.GetResourceString(SR.ID2091),
 
                             _ => SR.GetResourceString(SR.ID2004)
+                        },
+                        uri: result.Exception switch
+                        {
+                            SecurityTokenInvalidTypeException => context.EndpointType switch
+                            {
+                                OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                    => SR.FormatID8000(SR.ID2005),
+
+                                OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                    => SR.FormatID8000(SR.ID2006),
+
+                                OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                    => SR.FormatID8000(SR.ID2007),
+
+                                OpenIddictServerEndpointType.Userinfo => SR.FormatID8000(SR.ID2008),
+
+                                _ => SR.FormatID8000(SR.ID2089)
+                            },
+
+                            SecurityTokenInvalidIssuerException        => SR.FormatID8000(SR.ID2088),
+                            SecurityTokenSignatureKeyNotFoundException => SR.FormatID8000(SR.ID2090),
+                            SecurityTokenInvalidSignatureException     => SR.FormatID8000(SR.ID2091),
+
+                            _ => SR.FormatID8000(SR.ID2004)
                         });
 
                     return default;
@@ -771,6 +807,20 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2003),
 
                             _ => SR.GetResourceString(SR.ID2004)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Authorization or OpenIddictServerEndpointType.Logout
+                                => SR.FormatID8000(SR.ID2009),
+
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2001),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2002),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2003),
+
+                            _ => SR.FormatID8000(SR.ID2004)
                         });
 
 
@@ -863,6 +913,17 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2003),
 
                             _ => SR.GetResourceString(SR.ID2004)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2001),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2002),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2003),
+
+                            _ => SR.FormatID8000(SR.ID2004)
                         });
 
                     return;
@@ -900,6 +961,17 @@ namespace OpenIddict.Server
                                         => SR.GetResourceString(SR.ID2012),
 
                                     _ => SR.GetResourceString(SR.ID2013)
+                                },
+                                uri: context.EndpointType switch
+                                {
+                                    OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                        => SR.FormatID8000(SR.ID2010),
+                                    OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                        => SR.FormatID8000(SR.ID2011),
+                                    OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                        => SR.FormatID8000(SR.ID2012),
+
+                                    _ => SR.FormatID8000(SR.ID2013)
                                 });
 
                             // Revoke all the token entries associated with the authorization.
@@ -920,7 +992,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.AuthorizationPending,
-                                description: SR.GetResourceString(SR.ID2014));
+                                description: SR.GetResourceString(SR.ID2014),
+                                uri: SR.FormatID8000(SR.ID2014));
 
                             return;
                         }
@@ -932,7 +1005,8 @@ namespace OpenIddict.Server
 
                             context.Reject(
                                 error: Errors.AccessDenied,
-                                description: SR.GetResourceString(SR.ID2015));
+                                description: SR.GetResourceString(SR.ID2015),
+                                uri: SR.FormatID8000(SR.ID2015));
 
                             return;
                         }
@@ -959,6 +1033,17 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2018),
 
                             _ => SR.GetResourceString(SR.ID2019)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2016),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2017),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2018),
+
+                            _ => SR.FormatID8000(SR.ID2019)
                         });
 
                     return;
@@ -1068,6 +1153,17 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2022),
 
                             _ => SR.GetResourceString(SR.ID2023)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2020),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2021),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2022),
+
+                            _ => SR.FormatID8000(SR.ID2023)
                         });
 
                     return;
@@ -1129,6 +1225,17 @@ namespace OpenIddict.Server
                                 => SR.GetResourceString(SR.ID2018),
 
                             _ => SR.GetResourceString(SR.ID2019)
+                        },
+                        uri: context.EndpointType switch
+                        {
+                            OpenIddictServerEndpointType.Token when context.Request.IsAuthorizationCodeGrantType()
+                                => SR.FormatID8000(SR.ID2016),
+                            OpenIddictServerEndpointType.Token when context.Request.IsDeviceCodeGrantType()
+                                => SR.FormatID8000(SR.ID2017),
+                            OpenIddictServerEndpointType.Token when context.Request.IsRefreshTokenGrantType()
+                                => SR.FormatID8000(SR.ID2018),
+
+                            _ => SR.FormatID8000(SR.ID2019)
                         });
 
                     return default;
@@ -1218,6 +1325,17 @@ namespace OpenIddict.Server
                     _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0006))
                 };
 
+                context.Response.ErrorUri ??= context.EndpointType switch
+                {
+                    OpenIddictServerEndpointType.Authorization or OpenIddictServerEndpointType.Verification
+                        => SR.FormatID8000(SR.ID2015),
+
+                    OpenIddictServerEndpointType.Token    => SR.FormatID8000(SR.ID2024),
+                    OpenIddictServerEndpointType.Userinfo => SR.FormatID8000(SR.ID2025),
+
+                    _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0006))
+                };
+
                 return default;
             }
         }
diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs
index 2901efa4..249161a2 100644
--- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs
+++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs
@@ -109,7 +109,8 @@ namespace OpenIddict.Validation.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2081(HeaderNames.Host));
+                        description: SR.FormatID2081(HeaderNames.Host),
+                        uri: SR.FormatID8000(SR.ID2081));
 
                     return default;
                 }
@@ -119,7 +120,8 @@ namespace OpenIddict.Validation.AspNetCore
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2082(HeaderNames.Host));
+                        description: SR.FormatID2082(HeaderNames.Host),
+                        uri: SR.FormatID8000(SR.ID2082));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs
index 14a51c6f..c8a02c54 100644
--- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs
+++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs
@@ -106,7 +106,8 @@ namespace OpenIddict.Validation.DataProtection
                 {
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2004));
+                        description: SR.GetResourceString(SR.ID2004),
+                        uri: SR.FormatID8000(SR.ID2004));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs
index f7951695..02c3f70f 100644
--- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs
+++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs
@@ -107,7 +107,8 @@ namespace OpenIddict.Validation.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2081(Headers.Host));
+                        description: SR.FormatID2081(Headers.Host),
+                        uri: SR.FormatID8000(SR.ID2081));
 
                     return default;
                 }
@@ -117,7 +118,8 @@ namespace OpenIddict.Validation.Owin
                 {
                     context.Reject(
                         error: Errors.InvalidRequest,
-                        description: SR.FormatID2082(Headers.Host));
+                        description: SR.FormatID2082(Headers.Host),
+                        uri: SR.FormatID8000(SR.ID2082));
 
                     return default;
                 }
diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs
index f5ec99e2..291e69aa 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs
@@ -63,7 +63,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2096));
+                            description: SR.GetResourceString(SR.ID2096),
+                            uri: SR.FormatID8000(SR.ID2096));
 
                         return default;
                     }
@@ -72,7 +73,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2097));
+                            description: SR.GetResourceString(SR.ID2097),
+                            uri: SR.FormatID8000(SR.ID2097));
 
                         return default;
                     }
@@ -81,7 +83,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2098));
+                            description: SR.GetResourceString(SR.ID2098),
+                            uri: SR.FormatID8000(SR.ID2098));
 
                         return default;
                     }
@@ -122,7 +125,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2099));
+                            description: SR.GetResourceString(SR.ID2099),
+                            uri: SR.FormatID8000(SR.ID2099));
 
                         return default;
                     }
@@ -131,7 +135,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2100));
+                            description: SR.GetResourceString(SR.ID2100),
+                            uri: SR.FormatID8000(SR.ID2100));
 
                         return default;
                     }
@@ -170,7 +175,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.GetResourceString(SR.ID2101));
+                            description: SR.GetResourceString(SR.ID2101),
+                            uri: SR.FormatID8000(SR.ID2101));
 
                         return default;
                     }
@@ -224,7 +230,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.FormatID2102(JsonWebKeySetParameterNames.Keys));
+                            description: SR.FormatID2102(JsonWebKeySetParameterNames.Keys),
+                            uri: SR.FormatID8000(SR.ID2102));
 
                         return default;
                     }
@@ -270,7 +277,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.ServerError,
-                                description: SR.GetResourceString(SR.ID2103));
+                                description: SR.GetResourceString(SR.ID2103),
+                                uri: SR.FormatID8000(SR.ID2103));
 
                             return default;
                         }
@@ -281,7 +289,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.ServerError,
-                                description: SR.GetResourceString(SR.ID2104));
+                                description: SR.GetResourceString(SR.ID2104),
+                                uri: SR.FormatID8000(SR.ID2104));
 
                             return default;
                         }
@@ -292,7 +301,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.ServerError,
-                                description: SR.GetResourceString(SR.ID2104));
+                                description: SR.GetResourceString(SR.ID2104),
+                                uri: SR.FormatID8000(SR.ID2104));
 
                             return default;
                         }
diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs
index 04112d5d..311eacd8 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs
@@ -131,7 +131,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.FormatID2105(Parameters.Active));
+                            description: SR.FormatID2105(Parameters.Active),
+                            uri: SR.FormatID8000(SR.ID2105));
 
                         return default;
                     }
@@ -142,7 +143,8 @@ namespace OpenIddict.Validation
                     {
                         context.Reject(
                             error: Errors.InvalidToken,
-                            description: SR.GetResourceString(SR.ID2106));
+                            description: SR.GetResourceString(SR.ID2106),
+                            uri: SR.FormatID8000(SR.ID2106));
 
                         return default;
                     }
@@ -183,7 +185,8 @@ namespace OpenIddict.Validation
 
                         context.Reject(
                             error: Errors.ServerError,
-                            description: SR.FormatID2107(parameter.Key));
+                            description: SR.FormatID2107(parameter.Key),
+                            uri: SR.FormatID8000(SR.ID2107));
 
                         return default;
                     }
@@ -258,7 +261,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.ServerError,
-                                description: SR.GetResourceString(SR.ID2108));
+                                description: SR.GetResourceString(SR.ID2108),
+                                uri: SR.FormatID8000(SR.ID2108));
 
                             return default;
                         }
@@ -267,7 +271,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.ServerError,
-                                description: SR.GetResourceString(SR.ID2109));
+                                description: SR.GetResourceString(SR.ID2109),
+                                uri: SR.FormatID8000(SR.ID2109));
 
                             return default;
                         }
@@ -311,7 +316,8 @@ namespace OpenIddict.Validation
                         {
                             context.Reject(
                                 error: Errors.InvalidToken,
-                                description: SR.GetResourceString(SR.ID2110));
+                                description: SR.GetResourceString(SR.ID2110),
+                                uri: SR.FormatID8000(SR.ID2110));
 
                             return default;
                         }
diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
index dbb1f248..085a777a 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
@@ -85,7 +85,8 @@ namespace OpenIddict.Validation
                 {
                     context.Reject(
                         error: Errors.MissingToken,
-                        description: SR.GetResourceString(SR.ID2000));
+                        description: SR.GetResourceString(SR.ID2000),
+                        uri: SR.FormatID8000(SR.ID2000));
 
                     return default;
                 }
@@ -146,7 +147,8 @@ namespace OpenIddict.Validation
                 {
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2004));
+                        description: SR.GetResourceString(SR.ID2004),
+                        uri: SR.FormatID8000(SR.ID2004));
 
                     return;
                 }
@@ -254,6 +256,15 @@ namespace OpenIddict.Validation
                             SecurityTokenInvalidSignatureException     => SR.GetResourceString(SR.ID2091),
 
                             _ => SR.GetResourceString(SR.ID2004)
+                        },
+                        uri: result.Exception switch
+                        {
+                            SecurityTokenInvalidIssuerException        => SR.FormatID8000(SR.ID2088),
+                            SecurityTokenInvalidTypeException          => SR.FormatID8000(SR.ID2089),
+                            SecurityTokenSignatureKeyNotFoundException => SR.FormatID8000(SR.ID2090),
+                            SecurityTokenInvalidSignatureException     => SR.FormatID8000(SR.ID2091),
+
+                            _ => SR.FormatID8000(SR.ID2004)
                         });
 
                     return;
@@ -324,7 +335,8 @@ namespace OpenIddict.Validation
                 {
                     context.Reject(
                         error: Errors.ServerError,
-                        description: SR.GetResourceString(SR.ID2092));
+                        description: SR.GetResourceString(SR.ID2092),
+                        uri: SR.FormatID8000(SR.ID2092));
 
                     return;
                 }
@@ -349,7 +361,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2004));
+                        description: SR.GetResourceString(SR.ID2004),
+                        uri: SR.FormatID8000(SR.ID2004));
 
                     return;
                 }
@@ -591,7 +604,8 @@ namespace OpenIddict.Validation
                 {
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2004));
+                        description: SR.GetResourceString(SR.ID2004),
+                        uri: SR.FormatID8000(SR.ID2004));
 
                     return default;
                 }
@@ -650,7 +664,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2019));
+                        description: SR.GetResourceString(SR.ID2019),
+                        uri: SR.FormatID8000(SR.ID2019));
 
                     return default;
                 }
@@ -700,7 +715,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2093));
+                        description: SR.GetResourceString(SR.ID2093),
+                        uri: SR.FormatID8000(SR.ID2093));
 
                     return default;
                 }
@@ -712,7 +728,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2094));
+                        description: SR.GetResourceString(SR.ID2094),
+                        uri: SR.FormatID8000(SR.ID2094));
 
                     return default;
                 }
@@ -770,7 +787,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2019));
+                        description: SR.GetResourceString(SR.ID2019),
+                        uri: SR.FormatID8000(SR.ID2019));
 
                     return;
                 }
@@ -833,7 +851,8 @@ namespace OpenIddict.Validation
 
                     context.Reject(
                         error: Errors.InvalidToken,
-                        description: SR.GetResourceString(SR.ID2023));
+                        description: SR.GetResourceString(SR.ID2023),
+                        uri: SR.FormatID8000(SR.ID2023));
 
                     return;
                 }
@@ -892,6 +911,7 @@ namespace OpenIddict.Validation
                 {
                     context.Response.Error = Errors.InsufficientAccess;
                     context.Response.ErrorDescription = SR.GetResourceString(SR.ID2095);
+                    context.Response.ErrorUri = SR.FormatID8000(SR.ID2095);
                 }
 
                 return default;
diff --git a/test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs b/test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
index de31579f..e4c44603 100644
--- a/test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
+++ b/test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
@@ -289,6 +289,7 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2083), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2083), response.ErrorUri);
         }
 
         [Theory]
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs
index 7ec61b37..f34329a3 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs
@@ -41,6 +41,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Fact]
@@ -65,6 +66,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.RequestNotSupported, response.Error);
             Assert.Equal(SR.FormatID2028(Parameters.Request), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2028), response.ErrorUri);
         }
 
         [Fact]
@@ -87,6 +89,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.RequestUriNotSupported, response.Error);
             Assert.Equal(SR.FormatID2028(Parameters.RequestUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2028), response.ErrorUri);
         }
 
         [Theory]
@@ -197,6 +200,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -217,6 +221,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Theory]
@@ -241,6 +246,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(string.Format(SR.GetResourceString(message), Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(message), response.ErrorUri);
         }
 
         [Fact]
@@ -262,6 +268,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Theory]
@@ -290,6 +297,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2033(Parameters.ResponseType, Parameters.ResponseMode), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2033), response.ErrorUri);
         }
 
         [Theory]
@@ -317,6 +325,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.Nonce), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Theory]
@@ -341,6 +350,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2034(Scopes.OpenId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2034), response.ErrorUri);
         }
 
         [Theory]
@@ -367,6 +377,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Prompt), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Theory]
@@ -411,6 +422,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Null(response.Error);
             Assert.Null(response.ErrorDescription);
+            Assert.Null(response.ErrorUri);
             Assert.NotNull(response.AccessToken);
             Assert.NotNull(response.Code);
             Assert.NotNull(response.IdToken);
@@ -440,6 +452,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.CodeChallenge), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -474,6 +487,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Null(response.Error);
             Assert.Null(response.ErrorDescription);
+            Assert.Null(response.ErrorUri);
             Assert.NotNull(response.Code);
         }
 
@@ -502,6 +516,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2040(Parameters.CodeChallenge, Parameters.CodeChallengeMethod, ResponseTypes.Code), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2040), response.ErrorUri);
         }
 
         [Fact]
@@ -524,6 +539,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2037(Parameters.CodeChallengeMethod, Parameters.CodeChallenge), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2037), response.ErrorUri);
         }
 
         [Fact]
@@ -547,6 +563,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.CodeChallengeMethod), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -567,6 +584,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedResponseType, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Theory]
@@ -604,6 +622,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedResponseType, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Theory]
@@ -638,6 +657,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedResponseType, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -660,6 +680,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.ResponseMode), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -705,6 +726,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidScope, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Fact]
@@ -835,6 +857,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2035(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2035), response.ErrorUri);
         }
 
         [Fact]
@@ -856,6 +879,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.ResponseMode), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -878,6 +902,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.CodeChallengeMethod), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -906,6 +931,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.CodeChallengeMethod), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -928,6 +954,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.CodeChallengeMethod), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Theory]
@@ -996,6 +1023,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2041(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2041), response.ErrorUri);
         }
 
         [Fact]
@@ -1017,6 +1045,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -1103,6 +1132,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -1149,6 +1179,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.FormatID2043(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2043), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Confidential, It.IsAny<CancellationToken>()), Times.Once());
@@ -1193,6 +1224,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2046), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2046), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -1271,6 +1303,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(description), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(description), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application, permissions[0], It.IsAny<CancellationToken>()), Times.Once());
@@ -1324,6 +1357,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.FormatID2043(Parameters.ResponseType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2043), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.GetPermissionsAsync(application, It.IsAny<CancellationToken>()), Times.Once());
@@ -1437,6 +1471,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2065(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2065), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.GrantTypes.RefreshToken, It.IsAny<CancellationToken>()), Times.Once());
@@ -1475,6 +1510,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2043(Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2043), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.ValidateRedirectUriAsync(application, "http://www.fabrikam.com/path", It.IsAny<CancellationToken>()), Times.Once());
@@ -1524,6 +1560,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2051), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2051), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.Prefixes.Scope + Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
@@ -1574,6 +1611,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.CodeChallenge), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasRequirementAsync(application,
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Device.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Device.cs
index 0262b309..e1fadbdd 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Device.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Device.cs
@@ -42,6 +42,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -152,6 +153,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -188,6 +190,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2035(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2035), response.ErrorUri);
         }
 
         [Fact]
@@ -228,6 +231,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidScope, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Fact]
@@ -365,6 +369,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -401,6 +406,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2053(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2053), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -438,6 +444,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -478,6 +485,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2055), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2055), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -521,6 +529,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2056), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2056), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -564,6 +573,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2121), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2121), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -612,6 +622,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2065(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2065), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.GrantTypes.RefreshToken, It.IsAny<CancellationToken>()), Times.Once());
@@ -660,6 +671,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2051), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2051), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.Prefixes.Scope + Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
@@ -976,6 +988,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Discovery.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Discovery.cs
index b369edac..40c07ac6 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Discovery.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Discovery.cs
@@ -41,6 +41,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -1017,6 +1018,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs
index 8a50e29a..007b1eab 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs
@@ -43,6 +43,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -153,6 +154,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.GrantType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -173,6 +175,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -193,6 +196,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.Code), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -212,6 +216,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.RefreshToken), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Theory]
@@ -235,6 +240,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2057(Parameters.ClientId, Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2057), response.ErrorUri);
         }
 
         [Theory]
@@ -258,6 +264,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2059(Parameters.Username, Parameters.Password), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2059), response.ErrorUri);
         }
 
         [Fact]
@@ -285,6 +292,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.CodeVerifier), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -357,6 +365,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2001), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2001), response.ErrorUri);
         }
 
         [Fact]
@@ -376,6 +385,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2003), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2003), response.ErrorUri);
         }
 
         [Fact]
@@ -418,6 +428,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2016), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2016), response.ErrorUri);
         }
 
         [Fact]
@@ -459,6 +470,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2018), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2018), response.ErrorUri);
         }
 
         [Fact]
@@ -544,6 +556,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2069), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2069), response.ErrorUri);
         }
 
         [Fact]
@@ -586,6 +599,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2071), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2071), response.ErrorUri);
         }
 
         [Fact]
@@ -630,6 +644,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -674,6 +689,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2072(Parameters.RedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2072), response.ErrorUri);
         }
 
         [Fact]
@@ -717,6 +733,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2073(Parameters.CodeVerifier, Parameters.CodeChallenge), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2073), response.ErrorUri);
         }
 
         [Fact]
@@ -762,6 +779,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.CodeVerifier), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -901,6 +919,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.CodeVerifier), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Theory]
@@ -1001,6 +1020,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2074(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2074), response.ErrorUri);
         }
 
         [Fact]
@@ -1046,6 +1066,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Fact]
@@ -1089,6 +1110,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2074(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2074), response.ErrorUri);
         }
 
         [Fact]
@@ -1132,6 +1154,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Theory]
@@ -1165,6 +1188,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedGrantType, response.Error);
             Assert.Equal(SR.FormatID2032(Parameters.GrantType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2032), response.ErrorUri);
         }
 
         [Fact]
@@ -1192,6 +1216,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2035(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2035), response.ErrorUri);
         }
 
         [Fact]
@@ -1223,6 +1248,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidScope, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.Scope), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
         }
 
         [Fact]
@@ -1336,6 +1362,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2057(Parameters.ClientId, Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2057), response.ErrorUri);
         }
 
         [Fact]
@@ -1362,6 +1389,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -1393,6 +1421,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -1430,6 +1459,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.FormatID2043(Parameters.GrantType), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2043), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -1470,6 +1500,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2053(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2053), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -1510,6 +1541,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -1553,6 +1585,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2055), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2055), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -1599,6 +1632,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2063), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2063), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -1645,6 +1679,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2064), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2064), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -1696,6 +1731,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2065(Scopes.OfflineAccess), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2065), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.GrantTypes.RefreshToken, It.IsAny<CancellationToken>()), Times.Once());
@@ -1747,6 +1783,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2051), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2051), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
                 Permissions.Prefixes.Scope + Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
@@ -1797,6 +1834,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.CodeVerifier), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.HasRequirementAsync(application,
                 Requirements.Features.ProofKeyForCodeExchange, It.IsAny<CancellationToken>()), Times.Once());
@@ -2226,6 +2264,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2001), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2001), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -2285,6 +2324,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2003), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2003), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -2365,6 +2405,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2010), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2010), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -2438,6 +2479,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2012), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2012), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -2511,6 +2553,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2012), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2012), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -2684,6 +2727,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2010), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2010), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(tokens[0], Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -2776,6 +2820,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2012), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2012), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(tokens[0], Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -2868,6 +2913,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2012), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2012), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(tokens[0], Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -3060,6 +3106,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2016), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2016), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Redeemed, It.IsAny<CancellationToken>()), Times.Once());
@@ -3133,6 +3180,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2018), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2018), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Valid, It.IsAny<CancellationToken>()), Times.Once());
@@ -3414,6 +3462,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2020), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2020), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -3512,6 +3561,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2020), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2020), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(authorization, Statuses.Valid, It.IsAny<CancellationToken>()), Times.Once());
@@ -3592,6 +3642,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2022), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2022), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -3676,6 +3727,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2022), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2022), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(authorization, Statuses.Valid, It.IsAny<CancellationToken>()), Times.Once());
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Introspection.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Introspection.cs
index 01687e82..4adfa0f7 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Introspection.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Introspection.cs
@@ -43,6 +43,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -153,6 +154,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.Token), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -177,6 +179,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2004), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2004), response.ErrorUri);
         }
 
         [Fact]
@@ -218,6 +221,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2019), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2019), response.ErrorUri);
         }
 
         [Theory]
@@ -263,6 +267,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedTokenType, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2076), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2076), response.ErrorUri);
         }
 
         [Fact]
@@ -306,6 +311,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2077), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2077), response.ErrorUri);
         }
 
         [Fact]
@@ -348,6 +354,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2077), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2077), response.ErrorUri);
         }
 
         [Fact]
@@ -370,6 +377,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -400,6 +408,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -442,6 +451,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2075), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2075), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -481,6 +491,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2053(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2053), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -519,6 +530,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -1070,6 +1082,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2004), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2004), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByReferenceIdAsync("QaTk2f6UPe9trKismGBJr0OIs0KqpvNrqRsJqGuJAAI", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -1255,6 +1268,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2023), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2023), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -1353,6 +1367,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2023), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2023), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(authorization, Statuses.Valid, It.IsAny<CancellationToken>()), Times.Once());
@@ -1438,6 +1453,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2019), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2019), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByReferenceIdAsync("QaTk2f6UPe9trKismGBJr0OIs0KqpvNrqRsJqGuJAAI", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(manager => manager.HasStatusAsync(token, Statuses.Valid, It.IsAny<CancellationToken>()), Times.Once());
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Revocation.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Revocation.cs
index cd408010..4f6f91de 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Revocation.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Revocation.cs
@@ -41,6 +41,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -151,6 +152,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.Token), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Theory]
@@ -196,6 +198,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnsupportedTokenType, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2079), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2079), response.ErrorUri);
         }
 
         [Fact]
@@ -239,6 +242,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2080), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2080), response.ErrorUri);
         }
 
         [Fact]
@@ -281,6 +285,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2080), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2080), response.ErrorUri);
         }
 
         [Fact]
@@ -304,6 +309,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2029(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2029), response.ErrorUri);
         }
 
         [Fact]
@@ -334,6 +340,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.ClientId), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
         }
@@ -377,6 +384,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.UnauthorizedClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2078), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2078), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(application,
@@ -417,6 +425,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2053(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2053), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -456,6 +465,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.FormatID2054(Parameters.ClientSecret), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2054), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.Once());
@@ -498,6 +508,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidClient, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2055), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2055), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.HasClientTypeAsync(application, ClientTypes.Public, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -694,6 +705,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2004), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2004), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.TryRevokeAsync(It.IsAny<OpenIddictToken>(), It.IsAny<CancellationToken>()), Times.Never());
@@ -754,6 +766,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2019), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2019), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.AtLeastOnce());
             Mock.Get(manager).Verify(manager => manager.TryRevokeAsync(It.IsAny<OpenIddictToken>(), It.IsAny<CancellationToken>()), Times.Never());
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Session.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Session.cs
index 087c203e..b619c763 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Session.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Session.cs
@@ -38,6 +38,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -152,6 +153,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(string.Format(SR.GetResourceString(message), Parameters.PostLogoutRedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(message), response.ErrorUri);
         }
 
         [Fact]
@@ -180,6 +182,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.PostLogoutRedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByPostLogoutRedirectUriAsync("http://www.fabrikam.com/path", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -224,6 +227,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.FormatID2052(Parameters.PostLogoutRedirectUri), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2052), response.ErrorUri);
 
             Mock.Get(manager).Verify(manager => manager.FindByPostLogoutRedirectUriAsync("http://www.fabrikam.com/path", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(manager => manager.HasPermissionAsync(applications[0], Permissions.Endpoints.Logout, It.IsAny<CancellationToken>()), Times.Once());
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Userinfo.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Userinfo.cs
index 19eef9ef..e62ac645 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Userinfo.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Userinfo.cs
@@ -38,6 +38,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2084), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2084), response.ErrorUri);
         }
 
         [Theory]
@@ -165,6 +166,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2004), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2004), response.ErrorUri);
         }
 
         [Fact]
@@ -203,6 +205,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidToken, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2019), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2019), response.ErrorUri);
         }
 
         [Theory]
diff --git a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs
index 9e34625a..8f4a302c 100644
--- a/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs
+++ b/test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs
@@ -1180,7 +1180,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.AccessDenied, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2015), response.ErrorDescription);
-            Assert.Null(response.ErrorUri);
+            Assert.Equal(SR.FormatID8000(SR.ID2015), response.ErrorUri);
         }
 
         [Fact]
@@ -1214,7 +1214,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidGrant, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2024), response.ErrorDescription);
-            Assert.Null(response.ErrorUri);
+            Assert.Equal(SR.FormatID8000(SR.ID2024), response.ErrorUri);
         }
 
         [Fact]
@@ -1262,7 +1262,7 @@ namespace OpenIddict.Server.IntegrationTests
             // Assert
             Assert.Equal(Errors.InsufficientAccess, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2025), response.ErrorDescription);
-            Assert.Null(response.ErrorUri);
+            Assert.Equal(SR.FormatID8000(SR.ID2025), response.ErrorUri);
         }
 
         [Theory]
diff --git a/test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs b/test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs
index 2fa558b1..ad6b31e5 100644
--- a/test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs
+++ b/test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs
@@ -246,6 +246,7 @@ namespace OpenIddict.Server.Owin.IntegrationTests
             // Assert
             Assert.Equal(Errors.InvalidRequest, response.Error);
             Assert.Equal(SR.GetResourceString(SR.ID2083), response.ErrorDescription);
+            Assert.Equal(SR.FormatID8000(SR.ID2083), response.ErrorUri);
         }
 
         [Theory]