Error while trying to get Oauth Access token using authorization_code as grant type

Not applicable

Hi Friends,

I am trying to implement three legged oauth with the sample proxies given at https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/oauth-advanced. When I tried to call the generate Access token flow to get acces token through postman, with the auth code generated I got the following response.

{ "fault": { "faultstring": "invalid_request", "detail": { "errorcode": "invalid_request" } } }

My Request is as follows:

URL: https://{myorg}-test.apigee.net/oauth2/token?code=Vo3x7VSc&grant_type=authorization_code&redirect_ur...

With header,

Authorization : Basic base64(client_id:client_secret)

In trace I found an error after GenerateAccessToken Policy like:

error invalid_request
error.class com.apigee.oauth.v2.TokenGenerationException
Identifier fault
proxy.flow.name AccessTokenRequest
state PROXY_REQ_FLOW
type ErrorPoint

My generateAccessToken policy is as follows:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <OAuthV2 async="false" continueOnError="false" enabled="true" name="AccessTokenRequest">

<DisplayName>AccessTokenRequest</DisplayName>

<ExpiresIn>3600000</ExpiresIn>

<ExternalAuthorization>false</ExternalAuthorization>

<Operation>GenerateAccessToken</Operation> <GenerateResponse enabled="false">

<Format>FORM_PARAM</Format>

</GenerateResponse>

<ReuseRefreshToken>false</ReuseRefreshToken>

<SupportedGrantTypes>

<GrantType>authorization_code</GrantType>

<GrantType>client_credentials</GrantType>

</SupportedGrantTypes>

<Tokens/>

</OAuthV2>

Can anyone suggest where I went wrong?

0 3 1,321
3 REPLIES 3

richarst
Participant I

To get an access_token using authorization code requires you to generate an authorization code or a one-time token before using the generate access_token policy

if you were to change your grant_type to client_credentials this request would work.

If you want auth code i would follow these instructions

http://docs.apigee.com/api-services/content/oauth-v2-policy-authorization-code-grant-type

Cheers,

Steve

Hi steve,

Thanks for your reply. As given in the URL,

(https://{myorg}-test.apigee.net/oauth2/token?code=Vo3x7VSc&grant_type=authorization_code&redirect_uri=https://{myorg}-test.apigee.net/web/callback)

you can see that, I have already generated my authorization_code and want to get access token for that code only.

Can you please tell me the correct format in POSTMAN to get access token with an authorization_code?

Not applicable

I sorted out the problem. Mistakes I have done,

1) I got "invalid request" as error message without any other specific reasons because in Generate Access Token policy I gave <GenerateResponse enabled="false">, if only I had enabled it to True I would have got exact response which would have helped to debug it.

2) Though I send the values of code, grant_type and redirect_uri in query params I did not mention in the policy like from where it has to access those variables. So in Generate Access Token policy I should add

<Code>request.queryparam.code</Code>

<GrantType>request.queryparam.grant_type</GrantType>

<RedirectUri>request.queryparam.redirect_uri</RedirectUri>

After doing this change I am now able to generate my access token.

Note: If you have already mentioned your redirect_uri in your developer app it is neither required to send as query param nor you have to add it in your Generate Access Token Policy.

Hope this is useful 🙂