This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Invalid Authorization Code error using OAuth 2.0 policy PKCE Flow

Posted on 07-18-2022 09:47 AM
yahyaoui
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I'm having issue with configuring OAuth 2.0 with the default policy OAuthV2.

The PKCE Flow was up and running since today I get
{"error":"invalid_grant","error_description":"Invalid authorization code"}

Here is an example of the request(payload) sent

code=wUWZClnU&grant_type=authorization_code&client_id=******&client_secret=*******&redirect_uri=http%3A%2F%2Fwww.google.fr&code_verifier=Whubzdv9zyTyeqdpEpouWE1QVQ0tGlMpbn3eJpTuHog

 

Regards,

0 2 205
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
dknezic
Staff
Reply posted on --/--/---- --:-- AM

Have you gone through the auth flow again from the beginning to get a new auth code and try again?

0 Likes

Posted on --/--/---- --:-- AM
API-Evangelist
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

What's the use case? Would appreciate if you provide some context and proxy bundle/flow which you have done & at what step of PKCE flow you are facing issue?

RFC for understanding - https://datatracker.ietf.org/doc/html/rfc7636

&

possible go thru below & may help understand how to implement in apigee https://www.googlecloudcommunity.com/gc/Cloud-Product-Articles/Dispensing-tokens-via-OAuthV2-with-PK...

 


0 Likes
Top Solution Authors
View all