By: Ram Niwash user 04 Feb 2020 at 12:16 a.m. CST

4 Responses
Ram Niwash gravatar
I am not able to get access token using grant type password here is my request format. ---------------------------------------------------------------------------------------------- curl --location --request POST '<https://host-name>/oxauth/restv1/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Basic <base64 encoded [client-id:Client Secret]>' \ --data-urlencode 'username=some-username' \ --data-urlencode 'password=some-password' \ --data-urlencode 'grant_type=password' \ --data-urlencode 'scope=openid' I am expecting the following response. ------------------------------------------------------- { "access_token":"26d55e4b-6c61-40ea-9763-3282f5db0f0e", "token_type":"bearer", "expires_in":3599, "refresh_token":"aba91bd9-aa10-4fca-952b-50a9a9afac28", "scope":"openid", "id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczpcL1wvc2VlZC5nbHV1Lm9yZyIsInVzZXJfaWQiOiJtaWtlIiwiYXVkIjoiQCExMTExITAwMDghRkY4MSEyRDM5IiwiZXhwIjoxMzM5MTk2ODgxMzAzLCJveEludW0iOiJAITExMTEhMDAwMCFENEU3Iiwib3hWYWxpZGF0aW9uVVJJIjoiaHR0cHM6XC9cL3NlZWQuZ2x1dS5vcmdcL294YXV0aFwvc2VhbVwvcmVzb3VyY2VcL3Jlc3R2MVwvb3hhdXRoXC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.SzWfJsmlz62qTRw1lEJZ8PygY9eRupgmsbXLCQwPVDQ" } But It is throwing the following error. ------------------------------------------------------------------------------- { "reason": "Invalid user.", "error_description": "Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client.", "error": "invalid_client" } Here my client credentials and user credentials are valid. --------

By Michael Schwartz staff 04 Feb 2020 at 11:07 a.m. CST

Michael Schwartz gravatar
Does your client have grant type password in it's config?

By Ram Niwash user 04 Feb 2020 at 10:26 p.m. CST

Ram Niwash gravatar
Yes it is there, my client config has following grant type scopes and response type. Grant Type : ------------------------ refresh_token, password, authorization_code, client_credentials, implicit Scope : ------------------------ openid, user_name, clientinfo, profile, super_gluu_ro_session, oxd, email, mobile_phone, address, permission, phone Response Type: ------------------------ code, token, id_token

By Dzouato Djeumen Rolain Bonaventure staff 04 Feb 2020 at 11:36 p.m. CST

Dzouato Djeumen Rolain Bonaventure gravatar
Can you please go to `Configuration` > `Manage Custom Scripts` > `Resource Owner Password Credentials` and make sure that no script in that section is enabled ?

By Ram Niwash user 04 Feb 2020 at 11:59 p.m. CST

Ram Niwash gravatar
Yes It works, thanks to help me out this problem.