Question
Michele De Chiffre · Aug 19, 2022

Unknown grant type OAuth 2.0 Authorization Code Flow

I'm trying to authorise my app using OAuth 2.0 i Cache. Sadly I'm unable to exchange the authorization code for an access token.

I am able to redirect user to the /authorize page, where the user can login and approve my app. The user is then correctly redirected back to my app and a ?code parameter is sent back.

However when I try to make a POST request to the /token endpoint to exchange the authorization code for an access token I get the following error (from https://localhost:10443/oauth2/token which responds HTTP CODE 400 Bad Request):

{
  "error": "invalid_request",
  "error_description": "Unknown grant_type"
}

My payload (of the request) looks like:


grant_type=authorization_code
&client_id=[my client id is inserted here]
&client_secret=[my client secret is inserted here]
&redirect_uri=https://localhost:5173/#/oauth-response?callback=1
&code=NEuMKVNtVIufJK3Zc3s9v0WTwhJUQSQbmNvSLxJXFNcuhCuhAdcHbWQ3mhvu9KkCSWiHyVL2ozGzXCOq-sIUHQ
&code_verifier=MjE3MTEyNjM3NTQxODAxNzUxOTcyNDEyODMxNzk5NzIwODIyNzEyNTExNDQzODEwMTE0OTI1NTEyNjc3MjE4NTMxNTk4MTEzNDMxMTMzNzM=

 

My request looks like this:

Can someone please help me track down what I'm doing wrong?

Product version: Caché 2018.1
$ZV: Cache for Windows (x86-64) 2018.1.7 (Build 721U) Fri Mar 18 2022 22:07:35 EDT
0
0 128
Discussion (1)1
Log in or sign up to continue

I solved it by make the following changes:

1. set the client to use form encoded body as authentication type (in the OAuth 2.0 setup of the Management Portal)

2. Move the grant_type parameter to the querystring (like https://[oauth-server-adress]/token?grant_type=authorization_code

3. make sure the POST request used form encoded body as content type