Oauth2/token basic authentication

I get a token in return encoding the client credentials and the grant type into the request, by setting the client_auth_method to secret_post.

But I can’t seem to be able to reach it on basic authentication.

My header:

Authorization: Basic ImFOZXdDbGllbnQ6c2VjcmV0Ig==;
Accept: application/json;
content-type: application/x-www-form-urlencoded


grant_type: "client_credentials"


{"error":"invalid_client","error_description":"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method)","status_code":401}

I am not sure what I am doing wrong at this point.

I tried:

  • adding additional variables mentioned in the docs
  • instead of URL-encoded data I passed entries in the URL (as soon as I leave out the POST body, it tells me this should not be empty though)
  • accepting * as response
  • with the secret_post auth method it works flawlessly

I am using

git clone https://github.com/ory/hydra.git
docker-compose -f quickstart.yml -f quickstart-mysql.yml up --build

from the 5 minute tutorial to start and configure the server.

The client looks like this:

client_id: "aNewClient",
client_name: "",
client_secret: nil,
redirect_uris: [],
grant_types: ["client_credentials"],
response_types: ["code"],
scope: "offline_access offline openid",
audience: [],
owner: "",
policy_uri: "",
allowed_cors_origins: [],
tos_uri: "",
client_uri: "",
logo_uri: "",
contacts: [],
client_secret_expires_at: 0,
subject_type: "public",
jwks: {},
token_endpoint_auth_method: "client_secret_basic",
userinfo_signed_response_alg: "none",
created_at: "2020-07-06T09:20:18Z",
updated_at: "2020-07-06T09:22:17Z",
metadata: {}

Pretty sure the ; in Authorization: Basic ImFOZXdDbGllbnQ6c2VjcmV0Ig==; doesn’t belong there. We recommend using an OAuth2 library to perform these flows.

This is just to underline the end of a line. The semicolon isn’t in the actual string, just as there is no "application/json;".

OK, but the client ID and secret are quoted; base64-decoding the string gives:


Quoting is not required/supported here.

Thx, I am back from vacation and the first thing I see is a solution.

It seems my encoder was adding double quotes automatically.
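
Added example, not part of the original thread and not Ory's code: a Python sketch of how a `client_secret_basic` header is built per RFC 6749 section 2.3.1, with a check that decodes a header value and flags the quoting problem found above. The function names are hypothetical; the client ID and header value are the ones posted in the thread, and the secret is the one that header decodes to.

```python
import base64
import binascii
from urllib.parse import quote_plus

QUOTES = ('"', "'", "\u201c", "\u201d")


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """Header value for client_secret_basic (RFC 6749 section 2.3.1)."""
    # Form-urlencode each part, join with ':', then base64. No quoting anywhere.
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")


def diagnose_basic_header(value: str) -> list:
    """Return the problems found in an Authorization header value."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic":
        return ["scheme is not Basic"]
    problems = []
    cleaned = token.strip().rstrip(";")
    if cleaned != token:
        problems.append("extra characters after the base64 token")
    try:
        decoded = base64.b64decode(cleaned, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return problems + ["token is not base64-encoded UTF-8"]
    client_id, sep, secret = decoded.partition(":")
    if not sep:
        return problems + ["decoded value has no ':' separator"]
    # Never echo the secret; report only what is wrong with its shape.
    if client_id.startswith(QUOTES) or secret.endswith(QUOTES):
        problems.append("credentials are wrapped in quotes")
    return problems


if __name__ == "__main__":
    # Header exactly as posted in the thread, then one built without quoting.
    posted = "Basic ImFOZXdDbGllbnQ6c2VjcmV0Ig==;"
    print(diagnose_basic_header(posted))
    fixed = basic_auth_header("aNewClient", "secret")
    print(fixed, diagnose_basic_header(fixed))
```

Running the check on a header before sending it shows whether an encoder has wrapped the credentials, which the server can only report as a generic `invalid_client`.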