IdentityServer "invalid_client" error always returned

Question

I'm trying to use IdentityServer3, but don't know why I'm getting "invalid_client" error always, always no matter what I do.

This is the code I'm using:

//Startup.cs (Auth c# project)
public void Configuration(IAppBuilder app) {
    var inMemoryManager = new InMemoryManager();
    var factory = new IdentityServerServiceFactory()
        .UseInMemoryClients(inMemoryManager.GetClients())
        .UseInMemoryScopes(inMemoryManager.GetScopes())
        .UseInMemoryUsers(inMemoryManager.GetUsers());

    var options = new IdentityServerOptions {
        Factory = factory,
        RequireSsl = false
    };

    app.UseIdentityServer(options);
}

InMemoryManager helper.

//InMemoryManager.cs
public class InMemoryManager {
    public List<InMemoryUser> GetUsers() {
        return new List<InMemoryUser> {
            new InMemoryUser {
                Username = "alice",
                Password = "password",
                Subject = "2",
                Claims = new [] {
                    new Claim("User name", "Alice")
                }
            }
        };
    }

    public IEnumerable<Scope> GetScopes() {
        return new[] {
            new Scope {
                Name = "api1",
                DisplayName = "API 1"
            }
        };
    }

    public IEnumerable<Client> GetClients() {
        return new[] {
            new Client {
                ClientName = "Silicon on behalf of Carbon Client",
                ClientId = "carbon",
                Enabled = true,
                //AccessTokenType = AccessTokenType.Reference,

                Flow = Flows.ResourceOwner,

                ClientSecrets = new List<Secret> {
                    new Secret("secret".Sha256())
                },

                AllowedScopes = new List<string> {
                    "api1"
                }
            }
        };
    }
}

This is the result I always get.

I'm using postman to try the Auth Server, but I always get that error. I've read another solutions but none seeme to works, I don't know what else to try.

Cheers.

Answer 1

Just add the client_secret: secret in your Body. It will work!

Answer 2

Late answer, but for me this happened following the IdentityServer 4 tutorial when trying to log in with a username and password. I used the code from the first tutorial (using client credentials), and modified the client to use passwords. Afterwards, I kept getting this error.

To fix it, in the IdentityServer project, config.cs, in the GetClients method, set AllowedGrantTypes to GrantTypes.ResourceOwnerPassword, and change ClientId from client to ro.client (or whatever the client name is that you use in the Client project's program.cs).

Answer 3

Your request shoud be as follows:

1. Authorisation header with clientId/clientSecret. carbon/secret in Your case.
2. In Body. username/password shoud be alice/password in Your case. If Your don't need to refresh tokens, You might exclude offline_access scope from request.