Invalid client id error for ExternalAuthorization

Not applicable

We are trying to user oauthv2 for GenerateAccessToken. We are providing ExternalAccessToken. This is how the policy looks like.

<OAuthV2 async="false" continueOnError="false" enabled="true" name="TestProfilePermission"> <DisplayName>OAuth.GetProfilePermission</DisplayName> <Attributes/> <ExternalAccessToken>IAM_ACCESS_TOKEN</ExternalAccessToken> <ExternalAuthorization>true</ExternalAuthorization> <Operation>GenerateAccessToken</Operation> <GenerateResponse enabled="true"> <Format>FORM_PARAM</Format> </GenerateResponse> <ReuseRefreshToken>false</ReuseRefreshToken> <StoreToken>true</StoreToken> <SupportedGrantTypes> <GrantType>client_credentials</GrantType> </SupportedGrantTypes> <Tokens/> </OAuthV2>

We are getting {"ErrorCode" : "invalid_client", "Error" :"ClientId is Invalid"}. Can someone please help urgently? Thanks !

0 3 988
3 REPLIES 3

Hi @Jaideep Joshi,

In the policy you have - <ExternalAccessToken>IAM_ACCESS_TOKEN</ExternalAccessToken>

IAM_ACCESS_TOKEN - is this your access token which you have generated from the external system?

Not applicable

@Jaideep Joshi, how are you passing your client_id? Is there any app with that client_id?

It's likely you haven't set the variable oauth_external_authorization_status to true. You may do this via an AssignMessage policy in a preceding step.

In addition, you must put the client_id in the formparam, i.e., request.formparam.client_id. If you aren't doing this on the original request, you'll want to also set this, perhaps via an AssignMessage policy in a preceding step.

Also see this documentation page for more details on enabling 3rd party tokens on Edge.