diff --git a/dashboard/src/views/LoginView.vue b/dashboard/src/views/LoginView.vue
index 39696aba6..185e7f235 100644
--- a/dashboard/src/views/LoginView.vue
+++ b/dashboard/src/views/LoginView.vue
@@ -9,6 +9,7 @@ const busy = ref(false);
const passwordError = ref(null);
const totpError = ref(null);
const internalError = ref(null);
+const oidcError = ref('');
const username = ref('');
const password = ref('');
const totpToken = ref('');
@@ -26,6 +27,7 @@ async function onSubmit() {
passwordError.value = false;
totpError.value = false;
internalError.value = false;
+ oidcError.value = '';
const body = {
username: username.value,
@@ -53,6 +55,9 @@ async function onSubmit() {
if (res.body.redirectTo) return window.location.href = res.body.redirectTo;
console.error('login success but missing redirectTo in data:', res.body);
internalError.value = true;
+ } else if (res.status >= 400 && res.status < 500) {
+ oidcError.value = 'OpenID Error: ' + (res.body.message || '') + '. Will reload in 5 seconds';
+ setTimeout(() => window.location.href = '/', 5000);
} else {
internalError.value = true;
}
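Review bot: The new `else if` branch in onSubmit reads `res.body.message` without checking that `res.body` is an object, so a 4xx with an empty or non-JSON body would presumably throw here instead of showing any error. A guard such as `const msg = res.body?.message || '';` before building the string avoids that. It also lets you skip the `: ` when the message is empty, which currently renders as `OpenID Error: . Will reload in 5 seconds`. The text is hard-coded English while the neighbouring errors go through `$t('login.…')`, so a translation key with the server message as a parameter would be consistent. The server-supplied description is shown verbatim, which is safe only while it stays in `{{ }}` text interpolation and never moves to `v-html`. onSubmit starts and ends outside this hunk, so whether an earlier branch already handles 401 for bad credentials cannot be confirmed from here.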
@@ -107,6 +112,7 @@ onMounted(async () => {
{{ $t('login.errorIncorrectCredentials') }}
{{ $t('login.errorInternal') }}
+ {{ oidcError }}
diff --git a/src/oidcserver.js b/src/oidcserver.js
index 32cad6c00..36f845b65 100644
--- a/src/oidcserver.js
+++ b/src/oidcserver.js
@@ -320,8 +320,11 @@ async function renderError(error) {
return html;
}
-async function renderInteractionPage(req, res) {
- const { uid, prompt, params, session } = await gOidcProvider.interactionDetails(req, res);
+async function renderInteractionPage(req, res, next) {
+ const [detailsError, details] = await safe(gOidcProvider.interactionDetails(req, res));
+ if (detailsError) return next(new HttpError(detailsError.statusCode, detailsError.error_description));
+
+ const { uid, prompt, params, session } = details;
const client = await oidcClients.get(params.client_id);
if (!client) return res.send(await renderError(new Error('Client not found')));
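Review bot: `new HttpError(detailsError.statusCode, detailsError.error_description)` in renderInteractionPage assumes every rejection from `interactionDetails` is a provider error carrying both fields. The same line is added to interactionLogin in the next hunk. If the call rejects with anything else, such as a failure in the session store, both arguments would be undefined and the response depends on how HttpError treats a missing status. A fallback keeps the status well-defined and avoids forwarding an arbitrary internal message: `next(new HttpError(detailsError.statusCode || 500, detailsError.error_description || 'internal error'))`. Logging `detailsError` server-side before calling `next` would preserve the original cause. Both functions continue outside their hunks.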
@@ -384,10 +387,7 @@ async function renderInteractionPage(req, res) {
async function interactionLogin(req, res, next) {
const [detailsError, details] = await safe(gOidcProvider.interactionDetails(req, res));
- if (detailsError) {
- if (detailsError.error_description === 'interaction session not found') return next(new HttpError(410, 'session timeout'));
- return next(new HttpError(400, detailsError));
- }
+ if (detailsError) return next(new HttpError(detailsError.statusCode, detailsError.error_description));
const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
const clientId = details.params.client_id;