[PDB Tech] OAuth client application help requested - cannot authorize with client secret
Justin Cole
justinc at redapt.com
Wed Feb 15 19:52:40 PST 2023
Hello,
I'm hoping someone can help me with my OAuth application problem.
I have created an OAuth application with authorization-code grant type and entered my redirect uri. I can successfully call the /authorize/ endpoint, log in and receive an authorization code. However, the subsequent callback to /token/ always returns 401 Unauthorized with response body: { "meta": { "error": "Invalid username or password" } }
Call to /token/ looks like:
POST to https://auth.peeringdb.com/oauth2/token/
Header:
    Authorization: Basic (Base64Encode(CLIENT_ID:CLIENT_SECRET))
Body:
    {
        grant_type:'authorization_code',
        code:'CODE',
        redirect_uri:'https://localhost:3001/api/auth/callback/peeringdb',
        client_id:'CLIENT_ID',
        client_secret:'CLIENT_SECRET'
    }
I've determined that the problem is the Authorization header value; however, I've verified that the values, which match the client id/client secret generated from PeeringDB (https://www.peeringdb.com/oauth2/applications/register/), are correct.
What am I doing wrong?
Or is there something I am missing to enable the OAuth application registration to work properly?
Thank you,
Justin
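
For comparison with the request described in the message above, an added example (not part of the original post and not PeeringDB's code) that builds an authorization-code token request the way RFC 6749 sections 2.3.1 and 4.1.3 specify and flags common deviations in a prepared request. It sends nothing and does not establish the cause of the 401 reported above; the helper names and sample values are constructed for illustration.

```python
import base64
from urllib.parse import parse_qs, quote_plus, urlencode

TOKEN_URL = "https://auth.peeringdb.com/oauth2/token/"  # endpoint named in the post

def basic_credentials(client_id, client_secret):
    """RFC 6749 2.3.1: form-urlencode each value, join with ':', Base64 the pair."""
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")

def build_token_request(code, redirect_uri, client_id, client_secret):
    """Return (headers, body) for the code exchange; nothing is sent."""
    headers = {
        "Authorization": basic_credentials(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    # Credentials travel in the header only: RFC 6749 2.3 allows one client
    # authentication method per request.
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the value sent to /authorize/
    })
    return headers, body

def lint_token_request(headers, body):
    """List deviations from RFC 6749 found in a prepared token request."""
    findings = []
    if not headers.get("Content-Type", "").startswith("application/x-www-form-urlencoded"):
        findings.append("body is not form-encoded")
    auth = headers.get("Authorization", "")
    if auth and "client_secret" in parse_qs(body):
        findings.append("client credentials sent in both header and body")
    if auth.startswith("Basic "):
        try:
            decoded = base64.b64decode(auth[6:], validate=True).decode("utf-8")
        except ValueError:
            decoded = ""
        if ":" not in decoded:
            findings.append("Basic value does not decode to id:secret")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    h, b = build_token_request("CODE", "https://localhost:3001/api/auth/callback/peeringdb",
                               "CLIENT_ID", "CLIENT_SECRET")
    print(TOKEN_URL, h, b, lint_token_request(h, b), sep="\n")
```
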