diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
index f85f38b61..78fbfa603 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
@@ -75,12 +75,15 @@ public class BlacklistAPI {
 			BlacklistedSite newBlacklist = blacklistService.saveNew(blacklist);
 			m.put("entity", newBlacklist);
 			
-		} catch (JsonSyntaxException e) {
-			//TODO: Error Handling
+		} 
+		//TODO: Java 7 combine catch statements
+		catch (JsonSyntaxException e) {
+			m.put("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		} catch (IllegalStateException e) {
-			
+			m.put("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		}
-
 		
 		return "jsonEntityView";
 		
@@ -101,10 +104,14 @@ public class BlacklistAPI {
 			json = parser.parse(jsonString).getAsJsonObject();
 			blacklist = gson.fromJson(json, BlacklistedSite.class);
 			
-		} catch (JsonSyntaxException e) {
-			//TODO: Error Handling
+		} 
+		//TODO: Java 7 combine catch statements
+		catch (JsonSyntaxException e) {
+			m.put("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		} catch (IllegalStateException e) {
-			
+			m.put("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		}
 		
 		
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
index 109c5cdc9..a42588f25 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
@@ -131,10 +131,14 @@ public class ClientAPI {
     	try {
     		json = parser.parse(jsonString).getAsJsonObject();
     		client = gson.fromJson(json, ClientDetailsEntity.class);
-    	} catch (JsonSyntaxException e) {
-    		//TODO: Error Handling
+    	} 
+    	//TODO: Java 7 combine catch statements
+    	catch (JsonSyntaxException e) {
+    		m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
     	} catch (IllegalStateException e) {
-			
+    		m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		}
     	
         // if they leave the client secret empty, force it to be generated
@@ -181,10 +185,14 @@ public class ClientAPI {
     		// parse the client passed in (from JSON) and fetch the old client from the store
     		json = parser.parse(jsonString).getAsJsonObject();
     		client = gson.fromJson(json, ClientDetailsEntity.class);
-    	} catch (JsonSyntaxException e) {
-    		//TODO: Error Handling
+    	} 
+    	//TODO: Java 7 combine catch statements
+    	catch (JsonSyntaxException e) {
+    		m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
     	} catch (IllegalStateException e) {
-			
+    		m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			return "httpCodeView";
 		}
 
         ClientDetailsEntity oldClient = clientService.getClientById(id);