It seems you have typo in scope name, it should be `uma_protection` instead of `uma-protection`. Also please attach full `oxauth.log` file if it will not help. Thanks, Yuriy Z

After changing the scope value to uma_protection,the previous error was resolved but a new result araised { "error": "invalid_permission_request", "error_description": "The provided permission request is not valid." } I herewith provide my log and the error 2019-02-13 02:57:05,317 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:137) - Found 1 entries for client id = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E 2019-02-13 02:57:05,317 TRACE [qtp1007309018-468282] [org.xdi.oxauth.auth.AuthenticationFilter] (AuthenticationFilter.java:91) - Get request to: 'http://myinno.myglu.com/oxauth/restv1/token' 2019-02-13 02:57:05,317 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.auth.AuthenticationFilter] (AuthenticationFilter.java:98) - Starting token endpoint authentication 2019-02-13 02:57:05,317 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.auth.AuthenticationFilter] (AuthenticationFilter.java:111) - Starting Basic Auth token endpoint authentication 2019-02-13 02:57:05,318 TRACE [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:195) - Get client from cache by Dn 'inum=@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E,ou=clients,o=@!F157.0A5B.9A76.6A7D!0001!2063.8249,o=gluu' 2019-02-13 02:57:05,318 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:137) - Found 1 entries for client id = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E 2019-02-13 02:57:05,318 TRACE [qtp1007309018-468282] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:142) - Authenticating ... (interactive: false, skipPassword: false, credentials.username: @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E) 2019-02-13 02:57:05,319 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:100) - Authenticating Client with LDAP: clientId = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E 2019-02-13 02:57:05,319 TRACE [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:195) - Get client from cache by Dn 'inum=@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E,ou=clients,o=@!F157.0A5B.9A76.6A7D!0001!2063.8249,o=gluu' 2019-02-13 02:57:05,319 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:137) - Found 1 entries for client id = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E 2019-02-13 02:57:05,319 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.AuthenticationService] (AuthenticationService.java:480) - ConfigureSessionClient: username: '@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E', credentials: '2061685400' 2019-02-13 02:57:05,320 TRACE [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:195) - Get client from cache by Dn 'inum=@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E,ou=clients,o=@!F157.0A5B.9A76.6A7D!0001!2063.8249,o=gluu' 2019-02-13 02:57:05,320 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.service.ClientService] (ClientService.java:137) - Found 1 entries for client id = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E 2019-02-13 02:57:05,332 INFO [qtp1007309018-468282] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:217) - Authentication success for Client: '@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E' 2019-02-13 02:57:05,332 TRACE [qtp1007309018-468282] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:160) - Authentication successfully for '@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E' 2019-02-13 02:57:05,335 DEBUG [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:98) - Attempting to request access token: grantType = client_credentials, code = null, redirectUri = null, username = null, refreshToken = null, clientId = null, ExtraParams = {grant_type=[client_credentials], scope=[uma_protection]}, isSecure = false, codeVerifier = null, ticket = null 2019-02-13 02:57:05,335 DEBUG [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:118) - Starting to validate request parameters 2019-02-13 02:57:05,336 TRACE [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:124) - Request parameters are right 2019-02-13 02:57:05,336 DEBUG [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:126) - Grant type: 'client_credentials' 2019-02-13 02:57:05,336 DEBUG [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:132) - Get sessionClient: 'org.xdi.oxauth.model.session.SessionClient@4bd8c068' 2019-02-13 02:57:05,336 DEBUG [qtp1007309018-468282] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:136) - Get client from session: '@!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E' 2019-02-13 02:57:05,345 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.model.authorize.ScopeChecker] (ScopeChecker.java:39) - Checking scopes policy for: uma_protection 2019-02-13 02:57:05,349 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.model.authorize.ScopeChecker] (ScopeChecker.java:63) - Granted scopes: [uma_protection] 2019-02-13 02:57:05,353 DEBUG [qtp1007309018-468282] [org.xdi.oxauth.model.common.AuthorizationGrant] (AuthorizationGrant.java:131) - Saving grant: 3fadd59f-1510-4b51-a09e-5df8213a3437, code_challenge: null 2019-02-13 02:57:18,519 TRACE [qtp1007309018-527514] [org.xdi.oxauth.uma.service.UmaValidationService] (UmaValidationService.java:108) - Validate authorization: Bearer 0686f70d-01d4-4bd3-b421-b1f97805d7e7 2019-02-13 02:57:18,524 DEBUG [qtp1007309018-527514] [org.xdi.oxauth.service.UserService] (UserService.java:87) - Getting user information from LDAP: userId = null 2019-02-13 02:57:18,530 DEBUG [qtp1007309018-527514] [org.xdi.oxauth.service.ClientService] (ClientService.java:137) - Found 1 entries for client id = @!F157.0A5B.9A76.6A7D!0001!2063.8249!0008!5E07.D1B1.F7FD.B71E **2019-02-13 02:57:18,531 ERROR [qtp1007309018-527514] [xdi.oxauth.uma.ws.rs.UmaPermissionRegistrationWS] (UmaPermissionRegistrationWS.java:134) - Failed to parse uma permission request java.io.EOFException: No content to map to Object due to end of input at org.codehaus.jackson.map.ObjectMapper._initForReading(ObjectMapper.java:2775) ~[jackson-mapper-asl-1.9.11.jar:1.9.11] at org.codehaus.jackson.map.ObjectMapper._readMapAndClose(ObjectMapper.java:2718) ~[jackson-mapper-asl-1.9.11.jar:1.9.11] at org.codehaus.jackson.map.ObjectMapper.readValue(ObjectMapper.java:1863) ~[jackson-mapper-asl-1.9.11.jar:1.9.11] at org.xdi.oxauth.uma.ws.rs.UmaPermissionRegistrationWS.parseRequest(UmaPermissionRegistrationWS.java:128) [classes/:?] at org.xdi.oxauth.uma.ws.rs.UmaPermissionRegistrationWS.registerPermission(UmaPermissionRegistrationWS.java:93) [classes/:?] at org.xdi.oxauth.uma.ws.rs.UmaPermissionRegistrationWS$Proxy$_$$_WeldClientProxy.registerPermission(Unknown Source) [classes/:?] at sun.reflect.GeneratedMethodAccessor627.invoke(Unknown Source) ~[?:?] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:236) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:402) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:209) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.21.Final.jar:3.0.21.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [servlet-api-3.1.jar:3.1.0] at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:864) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1655) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:215) [websocket-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.ocpsoft.rewrite.servlet.RewriteFilter.doFilter(RewriteFilter.java:226) [rewrite-servlet-3.4.1.Final.jar:3.4.1.Final] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.gluu.oxserver.filters.AbstractCorsFilter.handleSimpleCORS(AbstractCorsFilter.java:213) [oxcore-server-3.1.3.Final.jar:?] at org.gluu.oxserver.filters.AbstractCorsFilter.doFilter(AbstractCorsFilter.java:113) [oxcore-server-3.1.3.Final.jar:?] at org.xdi.oxauth.filter.CorsFilter.doFilter(CorsFilter.java:132) [classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.xdi.oxauth.audit.debug.ServletLoggingFilter.doFilter(ServletLoggingFilter.java:73) [classes/:?] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [jetty-security-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473) [jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:219) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.Server.handle(Server.java:531) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260) [jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281) [jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102) [jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118) [jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:319) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:175) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:133) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:754) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:672) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_162]**

It seems you didn't send payload in request to Permission Endpoint and as result it failed to parse it. I recommend to check this HTTP Client test and use oxauth-client's `UmaPermissionService` to construct correct request. See this https://github.com/GluuFederation/oxAuth/blob/d42fde4ff6c34d3b2feff8845837cd0ebcbf3fb5/Client/src/test/java/org/xdi/oxauth/ws/rs/uma/UmaRegisterPermissionFlowHttpTest.java#L90 Thanks, Yuriy Z