Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

oauth2 error AADSTS90014: The request body must contain the following parameter: 'grant_type'

Tags:

From the development in Windev I use Oauth 2.0 for authorization to get access to the outlook mail from a user.

The application is registered at https://apps.dev.microsoft.com without the Implicit workflow. After the user enters the credentials, an Authorization Code is returned. With the new code the Bearer Token is requested with a HTTP Post command.

So far, so good.

Only that the response gives an error message that makes no sense to me.

In code:

m_sHTTPUrl = "client_id=" + m_sClientID + "&client_secret=" ...     + m_sClientSecret ...     + "&redirect_uri=" + m_sRedirectURL + "&code=" + m_sAuthToken ...     + "&grant_type=authorization_code" m_sHTTPres = "" LogLocalFile("GetAccessToken - " + m_sTokenURL + " // " + m_sHTTPUrl)   cMyRequest is httpRequest cMyRequest..Method = httpPost cMyRequest..URL = m_sTokenURL cMyRequest..ContentType = "application/x-www-form-urlencoded" cMyRequest..Header["grant_type"] = "authorization_code" cMyRequest..Header["code"] = m_sAuthToken cMyRequest..Header["client_id"] = m_sClientID cMyRequest..Header["client_secret"] = m_sClientSecret cMyRequest..Header["scope"] = m_sScope cMyRequest..Header["redirect_uri"] = m_sRedirectURL //cMyRequest..Content = m_sHTTPUrl cMyResponse is httpResponse = HTTPSend(cMyRequest) m_sHTTPres = cMyResponse.Content

In a logfile I requested the used parameters and the content of the httpResponse:

GetAccessToken - https://login.microsoftonline.com/common/oauth2/v2.0/token // grant_type=authorization_code &code=xxxxxxx &scope=openid+offline_access+User.Read+Email+Mail.Read+Contacts.Read &redirect_uri=http://localhost/ &client_id=xxxxxxx &client_secret=xxxxxxx  GetAccessToken - error = invalid_request GetAccessToken - error_description = AADSTS90014: The request body must contain the following parameter: 'grant_type'.

The grant_type is in the header as it is supposed to be.

Does anybody have any clue of what is needed to get the OAUTH2 working ?

like image 419
Adjan Avatar asked Mar 27 '18 12:03

Adjan

1 Answers

You shouldn't send grant_type neither in params nor in headers. Those should be sent in body params then only it will work.

Url: https://login.microsoftonline.com/common/oauth2/v2.0/token client_id, scope and redirect_uri params can be sent as query params. where as grant_type, code and client_secret should sent in body params.

grant_type:authorization_code,  code: {code you got from the authorization step},  client_secret: ****
like image 75
Rajashekar Shingarapu Avatar answered Sep 20 '22 13:09

Rajashekar Shingarapu
Sign in to Comment

Related questions

Json Format for a TimeSpan that can be bound using Microsoft.Extensions.Configuration
Changing visibility of a Dash Component by updating other Component
How can I get all the rows of ag-grid?
How to set timestampsInSnapshots setting with firebase-admin for NodeJs?
When I am running azure HTTP Trigger function i am getting 401 unauthorized
relative import in pycharm 2018 does not work like relative import in python 3.6
How to vue watch a specific property in an array of objects
Get a list of categories of categorical variable (Python Pandas)
Inline style in react background: linear-gradient
Allow insecure HTTPS connection for Java JDK 11 HttpClient
What is Debugger PIN when I run the flask app python
In malloc, why use brk at all? Why not just use mmap?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!