diff --git a/src/Auth/AccessToken.php b/src/Auth/AccessToken.php
index 4661e63..7213fe6 100644
--- a/src/Auth/AccessToken.php
+++ b/src/Auth/AccessToken.php
@@ -105,7 +105,7 @@ public function validateIdToken($claims)
     {
         $token = $this->parseIdToken();
         if (empty($token)) {
-            throw new Exception('ID Token is invalid.');
+            throw new Exception('ID Token is invalid.', 401);
         }
 
         $default = array(
@@ -119,26 +119,26 @@ public function validateIdToken($claims)
 
         // Validate expiration
         if (time() >= (int) $token['exp']) {
-            throw new Exception('ID Token already expired.');
+            throw new Exception('ID Token already expired.', 401);
         }
 
         // Validate issuer
         if (empty($claims['iss']) || $claims['iss'] !== $token['iss']) {
-            throw new Exception('Access Token has a wrong issuer: must contain issuer from OpenId.');
+            throw new Exception('Access Token has a wrong issuer: must contain issuer from OpenId.', 422);
         }
 
         // Validate audience
         $audience = (array) $token['aud'];
         if (empty($claims['aud']) || ! in_array($claims['aud'], $audience, true)) {
-            throw new Exception('Access Token has a wrong audience: must contain clientId.');
+            throw new Exception('Access Token has a wrong audience: must contain clientId.', 422);
         }
 
         if (count($audience) > 1 && empty($token['azp'])) {
-            throw new Exception('Access Token has a wrong audience: must contain azp claim.');
+            throw new Exception('Access Token has a wrong audience: must contain azp claim.', 422);
         }
 
         if (! empty($token['azp']) && $claims['aud'] !== $token['azp']) {
-            throw new Exception('Access Token has a wrong audience: has azp but is not the clientId.');
+            throw new Exception('Access Token has a wrong audience: has azp but is not the clientId.', 422);
         }
     }
 
diff --git a/src/Services/SSOService.php b/src/Services/SSOService.php
index e92b9ef..1ffadf2 100644
--- a/src/Services/SSOService.php
+++ b/src/Services/SSOService.php
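Review bot: The new exception codes are bare integers on the generic `Exception`, repeated across the five throws of this method (this hunk and the next one in the same file), so a caller that maps exception codes to HTTP statuses cannot tell an ID-token validation failure from any other `Exception` that happens to carry 401 or 422. A dedicated type, e.g. `final class InvalidIdTokenException extends \RuntimeException`, with named class constants for the two codes would make the intent explicit and let callers catch it narrowly instead of catching `Exception`. The `validateIdToken` signature sits above the hunk; only the body is visible here.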
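Review bot: The second hunk assigns 422 to issuer and audience mismatches but 401 to an expired token, and nothing documents why these are treated differently; for an ID token all of these are reasons the credential must be rejected, so if the code is surfaced as an HTTP status, 422 would suggest a malformed request rather than a rejected token. A one-line comment stating the intended mapping above the first 422 throw, e.g. `// 401: token unusable (missing/expired); 422: token readable but issued for another issuer or client`, would make the choice reviewable. The messages on the changed lines also say "Access Token" while the method validates the ID token, which is worth aligning with the `ID Token ...` wording of the first two throws.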
@@ -586,7 +586,7 @@ public function impersonateRequest($credentials = array(), $username)
         $response = (new \GuzzleHttp\Client())->request('POST', $url, ['headers' => $headers, 'form_params' => $form_params]);
 
         if ($response->getStatusCode() !== 200) {
-            throw new Exception('User not allowed to impersonate');
+            throw new Exception('User not allowed to impersonate', 403);
         }
 
         $response_body = $response->getBody()->getContents();
diff --git a/src/Support/OpenIDConfig.php b/src/Support/OpenIDConfig.php
index d15ec4a..db6430d 100644
--- a/src/Support/OpenIDConfig.php
+++ b/src/Support/OpenIDConfig.php
@@ -69,7 +69,7 @@ protected function config()
         $response = (new \GuzzleHttp\Client())->request('GET', $url);
 
         if ($response->getStatusCode() !== 200) {
-            throw new Exception('[SSO Error] It was not possible to load OpenId configuration: ' . $response->throw());
+            throw new Exception('[SSO Error] It was not possible to load OpenId configuration: ' . $response->getStatusCode());
         }
 
         $configuration = json_decode($response->getBody()->getContents(), true);
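Review bot: The new 403 code discards the upstream status: with Guzzle's default `http_errors` setting a 4xx/5xx reply throws `GuzzleHttp\Exception\RequestException` before `getStatusCode() !== 200` is evaluated, so this branch appears reachable only for non-200 success or redirect statuses unless the client is built with `http_errors => false` somewhere outside the hunk. Either catch `RequestException` and rethrow with the upstream status, or at least append `$response->getStatusCode()` to the message as the `OpenIDConfig` hunk in this commit does, so an operator can tell a 401 from the identity provider apart from a genuine 403. `impersonateRequest` starts and ends outside this hunk.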
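Review bot: The `json_decode` on the last line of the `OpenIDConfig` hunk still has no failure handling: a 200 reply with a non-JSON body yields `null`, which would then be treated as the OpenID configuration; passing `JSON_THROW_ON_ERROR` (`json_decode($response->getBody()->getContents(), true, 512, JSON_THROW_ON_ERROR)`) or checking `json_last_error()` closes that gap. Unlike the other throws in this commit, this exception was not given a code, so a caller mapping codes to HTTP statuses receives 0 here. `config()` continues past the hunk; if the decoded value is validated there, only the missing-code point stands.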