Hi Friends,
I am trying to implement three legged oauth with the sample proxies given at https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/oauth-advanced. When I tried to call the generate Access token flow to get acces token through postman, with the auth code generated I got the following response.
{ "fault": { "faultstring": "invalid_request", "detail": { "errorcode": "invalid_request" } } }
My Request is as follows:
With header,
Authorization : Basic base64(client_id:client_secret)
In trace I found an error after GenerateAccessToken Policy like:
error | invalid_request |
---|---|
error.class | com.apigee.oauth.v2.TokenGenerationException |
Identifier | fault |
proxy.flow.name | AccessTokenRequest |
state | PROXY_REQ_FLOW |
type | ErrorPoint |
My generateAccessToken policy is as follows:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <OAuthV2 async="false" continueOnError="false" enabled="true" name="AccessTokenRequest">
<DisplayName>AccessTokenRequest</DisplayName>
<ExpiresIn>3600000</ExpiresIn>
<ExternalAuthorization>false</ExternalAuthorization>
<Operation>GenerateAccessToken</Operation> <GenerateResponse enabled="false">
<Format>FORM_PARAM</Format>
</GenerateResponse>
<ReuseRefreshToken>false</ReuseRefreshToken>
<SupportedGrantTypes>
<GrantType>authorization_code</GrantType>
<GrantType>client_credentials</GrantType>
</SupportedGrantTypes>
<Tokens/>
</OAuthV2>
Can anyone suggest where I went wrong?
To get an access_token using authorization code requires you to generate an authorization code or a one-time token before using the generate access_token policy
if you were to change your grant_type to client_credentials this request would work.
If you want auth code i would follow these instructions
http://docs.apigee.com/api-services/content/oauth-v2-policy-authorization-code-grant-type
Cheers,
Steve
Hi steve,
Thanks for your reply. As given in the URL,
(https://{myorg}-test.apigee.net/oauth2/token?code=Vo3x7VSc&grant_type=authorization_code&redirect_uri=https://{myorg}-test.apigee.net/web/callback)
you can see that, I have already generated my authorization_code and want to get access token for that code only.
Can you please tell me the correct format in POSTMAN to get access token with an authorization_code?
I sorted out the problem. Mistakes I have done,
1) I got "invalid request" as error message without any other specific reasons because in Generate Access Token policy I gave <GenerateResponse enabled="false">, if only I had enabled it to True I would have got exact response which would have helped to debug it.
2) Though I send the values of code, grant_type and redirect_uri in query params I did not mention in the policy like from where it has to access those variables. So in Generate Access Token policy I should add
<Code>request.queryparam.code</Code>
<GrantType>request.queryparam.grant_type</GrantType>
<RedirectUri>request.queryparam.redirect_uri</RedirectUri>
After doing this change I am now able to generate my access token.
Note: If you have already mentioned your redirect_uri in your developer app it is neither required to send as query param nor you have to add it in your Generate Access Token Policy.
Hope this is useful 🙂
User | Count |
---|---|
7 | |
2 | |
2 | |
1 | |
1 |