[PDB Tech] OAuth client application help requested - cannot authorize with client secret

Justin Cole justinc at redapt.com
Wed Feb 15 19:52:40 PST 2023


Hello,

I'm hoping someone can help me with my OAuth application problem.

I have created an OAuth application with authorization-code grant type and entered my redirect uri.  I can successfully call the /authorize/ endpoint, log in and receive an authorization code.  However, the subsequent callback to /token/ always returns 401 Unauthorized with response body: { "meta": { "error": "Invalid username or password" } }

Call to /token/ looks like:

POST to https://auth.peeringdb.com/oauth2/token/
Header:
Authorization: Basic (Base64Encode(CLIENT_ID:CLIENT_SECRET))
Body:
{
grant_type:'authorization_code',
code:'CODE',
redirect_uri:'https://localhost:3001/api/auth/callback/peeringdb',
client_id:'CLIENT_ID',
client_secret:'CLIENT_SECRET'
}

I've determined that the problem is the Authorization header value; however, I've verified that the values match the client id/client secret generated from PeeringDB (https://www.peeringdb.com/oauth2/applications/register/) and are correct.

What am I doing wrong?

Or is there something I am missing to enable the OAuth application registration to work properly?

Thank you,
Justin
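
For comparison with the request described above, an added example (not part of the original post, and not PeeringDB's code) that builds an authorization-code token request as RFC 6749 specifies it: a form-encoded body, with the client credentials carried only in the Basic header and percent-encoded before Base64. The client ID, secret and code are constructed placeholders, and `describe` is a hypothetical helper for inspecting the result.

```python
import base64
import urllib.request
from urllib.parse import parse_qs, quote_plus, urlencode

TOKEN_URL = "https://auth.peeringdb.com/oauth2/token/"  # endpoint named in the post


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """RFC 6749 section 2.3.1: form-urlencode each credential, then Base64 'id:secret'."""
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")


def build_token_request(client_id, client_secret, code, redirect_uri):
    """Build (without sending) an authorization-code token request."""
    # The body is application/x-www-form-urlencoded, not JSON (section 4.1.3).
    # Credentials go in the header only: a client must not use more than one
    # authentication method in a single request (section 2.3).
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the value sent to /authorize/
    }).encode("ascii")
    headers = {
        "Authorization": basic_auth_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    }
    return urllib.request.Request(TOKEN_URL, data=body, method="POST", headers=headers)


def describe(req):
    """Return the parts worth comparing against a failing request."""
    return {
        "content_type": req.get_header("Content-type"),
        "body_fields": sorted(parse_qs(req.data.decode("ascii"))),
        "authorization": req.get_header("Authorization"),
    }


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    req = build_token_request("example-id", "s3cr3t+with/specials=", "CODE",
                              "https://localhost:3001/api/auth/callback/peeringdb")
    print(describe(req))
```

For credentials made up only of letters and digits, the percent-encoding step leaves them unchanged.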


