HTTP 400 error when calling /SAAS/auth/device/register on iOS

Question

HTTP 400 error when calling /SAAS/auth/device/register on iOS

carlospsilva opened this issue 4 years ago · 1 comments

I'm using the AppAuth library to make the Dynamic Client Registration. It follows the OIDC specs to the letter (https://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration) without much flexibility to change the process.
When calling /SAAS/auth/device/register, it triggers a POST with all parameters in the body (as specified in the RFC) and not as a query parameter. I got back from VIDM an HTTP 400 error with the following message: Empty user_device parameter. Even if I'm sending it on the post body.
If I send as a query parameter, it works. However I cannot make AppAuth do it, since it only follows the standard.
So I would like to know if it's possible to support sending the arguments as post body to conform to the RFCs.

Answer 1 · 2021-05-10T20:21:10.000Z

Yes indeed, VMware implemented the protocol before the standard existed and thus needs modification to the library (https://github.com/vmware/idm/tree/master/samples/DynamicRegistrationAppAuthDemo-Android is an example).
For now, it's not possible to support sending the arguments as POST body.