Hi,
I am doing OAuth2 flow referring the documentation //tyk.io/docs/basic-config-and-security/security/authentication-authorization/oauth-2-0/.
I can not get authorization code from /tyk/oauth/authorize-client/ endpoint without providing gateway secret. How can I achieve this without gateway secret. Since my client should not have any dependency over gateway.
POST http://tyk-gateway.dev.com:8070/{listen_path}/tyk/oauth/authorize-client
Headers:
Content-Type: application/x-www-form-urlencoded
Authorization: Basic base64(client_id:client_secret)
Body:
response_type=code&client_id=27f6e23bab8b4c9981ba71bfa9f7aa63
This gives response
{ "status": "error", "message": "Forbidden" }
Thank you,
Shiva