Invalid Client Error
Opened this issue · 1 comments
After Creating An Application With Client Type "Confidential" and Authorization grant type: Resource owner password-based
When I Request An Token
And Hit The Route http://127.0.0.1:8000/auth/token
with Json Body This
{
"username": "username" ,
"password":"password",
"grant_type": "password",
"client_id": "kRMUn5rVjGowZpqe8cqi20Ldghny5ARm7FLUke9g",
"client_secret": "pbkdf2_sha256$720000$tNZxT5vI4mTyYgfrcZIZAO$MYQNjZCcURvHG18YsGfH4hSHrnjpXNcomoRYfXppVSc="
}
which is a valid client id and secret key it returns me
{
"error": "invalid_client"
}
but when i make the Client Type "Public " and hit with the same data the access and refresh token will come
You must use the client secret before it is hashed by pbkdf2, you are using the hashed version. It says you to save the secret before saving the application.