We are using EntityFrameworkCore with Identity Server4. After initial setup, the discovery endpoint of identity server (localhost:6000/.well-known/openid-configuration
) is working fine. When we tried to call the connect/token
endpoint from postman it gives 400 bad request response. Here is our client:
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "client",
// no interactive user, use the clientid/secret for authentication
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
// secret for authentication
ClientSecrets =
{
new Secret("secret".Sha256())
},
// scopes that client has access to
AllowedScopes = { ApiResourceName.Sup_Api.Description() }
},
new Client
{
ClientId = "client2",
// no interactive user, use the clientid/secret for authentication
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
// secret for authentication
ClientSecrets =
{
new Secret("secret".Sha256())
},
// scopes that client has access to
AllowedScopes = { "sup"}
}
};
}
Here is postman connect/token post request:
http://localhost:6000/connect/token
?client_id=client2
&client_secret=secret
&grant_type=client_credentials
&scope=sup
Response:
{
"error": "invalid_request"
}
You don't pass the parameters via the query string. It's meant to be in the body, using a content type of application/x-www-form-urlencoded
.
See: https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3
Make it HTTP POST request instead of browser's HTTP GET request
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With