Oauth2.0: /oauth/token/ issue

anand.pimple · January 24, 2020, 1:56pm

I have set up tyk api with oauth2.0 authorization code grant type. I can receive authorize-client, but using that code when i try to excahnge it for token i get following error {
“error”: “invalid_request”,
“error_description”: “The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.”
}

The curl request is as below (Removed some information).

curl --location --request POST ‘/oauth/token/’
–header ‘Content-Type: application/x-www-form-urlencoded’
–header 'Authorization: ’
–data-urlencode ‘grant_type=authorization_code’
–data-urlencode 'client_id=
–data-urlencode ‘code=E-keLbBhQU2abAs3-iKeBw’
–data-urlencode ‘redirect_uri= https:///open-banking-tpp-service/client/notify’
–data-urlencode ‘scope=null’
–data-urlencode ‘state=null’

Can someone let me know what is wrong?

Regards,
Anand

leon · January 24, 2020, 3:18pm

Do you have anything else in the gateway logs? (try running with “log_level”: “debug” in tyk.conf)

anand.pimple · January 24, 2020, 3:40pm

i don’t see anything in log

leon · January 24, 2020, 6:43pm

So, first of all you need to have non empty client_id, additionally do not send null values.

anand.pimple · January 24, 2020, 9:48pm

grant_type:authorization_code
client_id:44c9792d1abf45bb8b6a6754a9c6b19b
code:m7m_WgQ9QxKqBcmjfmhG1Q
redirect_uri: https://*****/open-banking-tpp-service/client/notify

I have set proper client id and removed null values still get same error and the http status is 403