Getting invalid_request error using OAuth 2.0 policy for generating authorization code

Not applicable

I'm using the following configuration for generating the auth code:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="OAuthV2-GenerateAuthorizationCode">
    <DisplayName>OAuthV2: Generate Authorization Code</DisplayName>
    <ExternalAuthorization>false</ExternalAuthorization>
    <Operation>GenerateAuthorizationCode</Operation>
    <Scope>scope</Scope>
    <ClientId>client_id</ClientId>
    <ResponseType>code</ResponseType>
    <ExpiresIn>600000</ExpiresIn>
    <SupportedGrantTypes/>
    <Tokens/>
</OAuthV2>

where scope=openid and client_id=my developer's app client_id

This configuration is giving me an invalid_request error (500 error).

Any help would be appreciated 🙂


Hi @Raunak Narooka,

Please could you paste the response body and run a trace and see what other information is provided in the OAuthV2 policy? There should be more information there!

My first guesses would be...

- The <Scope> tag expects a variable, such as request.formparam.scope or request.queryparam.scope to indicate where in the request scope can be found. Is scope a valid variable for you?

- The same for ClientId. If you exclude this tag, it will decode the Basic Authentication header, as per the OAuth2 spec.

- Some other policy in your flow might be failing, such as an Assign Message policy not resolving a variable or Extract Variables seeing a malformed JSON/XML payload. The response payload may give you more information about this!

Hope this gives you a head start in debugging this issue 🙂

Not applicable

@Raunak Narooka Don't you need to specify the SupportedGrantTypes? Please follow the GenerateAccessToken document at http://docs.apigee.com/api-services/content/oauthv2-policy

Not applicable

Based on current information, I am afraid it is caused by the scope and clientid.

It should look like <ClientId>request.queryparam.client_id</ClientId>

May I know if you missed "request.queryparam"?

The variable request.queryparam.client_id indicates that the client_id should be present as a query parameter, as, for example, ?client_id=AfGlvs9.
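
An added example, not part of any post above and not Apigee's own tooling: a small Python check for the point the replies raise, that <Scope> and <ClientId> take the name of a flow variable rather than a literal value. The function name `lint_oauthv2_policy` and the accepted prefix list are assumptions of this sketch; variables populated by other policies in your flow would need to be added to it.

```python
import xml.etree.ElementTree as ET

# Elements the replies say must name a flow variable, with the variable
# the replies suggest for each.
EXPECTED = {
    "Scope": "request.queryparam.scope",
    "ClientId": "request.queryparam.client_id",
}
# Assumption of this sketch: only request-scoped variables are accepted.
REQUEST_PREFIXES = ("request.queryparam.", "request.formparam.", "request.header.")

# Constructed sample: the policy from the question, as posted.
QUESTION_POLICY = """<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="OAuthV2-GenerateAuthorizationCode">
    <DisplayName>OAuthV2: Generate Authorization Code</DisplayName>
    <ExternalAuthorization>false</ExternalAuthorization>
    <Operation>GenerateAuthorizationCode</Operation>
    <Scope>scope</Scope>
    <ClientId>client_id</ClientId>
    <ResponseType>code</ResponseType>
    <ExpiresIn>600000</ExpiresIn>
    <SupportedGrantTypes/>
    <Tokens/>
</OAuthV2>"""


def lint_oauthv2_policy(policy_xml):
    """Return (element, value, suggestion) for each element holding a literal."""
    root = ET.fromstring(policy_xml.strip().encode("utf-8"))
    if root.tag != "OAuthV2":
        raise ValueError("not an OAuthV2 policy: <%s>" % root.tag)
    findings = []
    for name, suggestion in EXPECTED.items():
        node = root.find(name)
        if node is None:
            # Element omitted: per the first reply, ClientId is then taken
            # from the Basic Authentication header.
            continue
        value = (node.text or "").strip()
        looks_like_variable = value.startswith(REQUEST_PREFIXES) and not value.endswith(".")
        if not looks_like_variable:
            findings.append((name, value, suggestion))
    return findings


if __name__ == "__main__":
    for element, value, suggestion in lint_oauthv2_policy(QUESTION_POLICY):
        print("<%s>%s</%s> is not a request variable; try %s"
              % (element, value, element, suggestion))
```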