Im using the following configuration for generatin auth code:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="OAuthV2-GenerateAuthorizationCode">
<DisplayName>OAuthV2: Generate Authorization Code</DisplayName>
<ExternalAuthorization>false</ExternalAuthorization>
<Operation>GenerateAuthorizationCode</Operation>
<Scope>scope</Scope>
<ClientId>client_id</ClientId>
<ResponseType>code</ResponseType>
<ExpiresIn>600000</ExpiresIn>
<SupportedGrantTypes/>
<Tokens/>
</OAuthV2>
where scope=openid and client_id=my developer's app client_id
This configuration is giving me invalid_request error(500 error)
Any help would be appreciated 🙂
Hi @Raunak Narooka,
Please could you paste the response body and run a trace and see what other information is provided in the OAuthV2 policy? There should be more information there!
My first guesses would be...
- The <Scope> tag expects a variable, such as request.formparam.scope or request.queryparam.scope to indicate where in the request scope can be found. Is scope a valid variable for you?
- The same for ClientId. If you exclude this tag, it will decode the Basic Authentication header, as per the OAuth2 spec
- Some other policy in your flow might be failing, such as an Assign Message policy not resolving a variable or Extract Variables seeing a malformed JSON/XML payload. The response payload may give you more information about this!
Hope this gives you a head start in debugging this issue 🙂
@Raunak Narooka Don't you need to specify the SupportedGrantTypes? please follow the GenerateAccessToken doucment in http://docs.apigee.com/api-services/content/oauthv2-policy
Based on current information, I am afraid it caused by the scope and clientid.
It should looks like <ClientId>request.queryparam.client_id</ClientId>
May I know if you missed "request.queryparam"?
The variable request.queryparam.client_id
indicates that the client_id should be present as a query parameter, as, for example, ?client_id=AfGlvs9
.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |