ORY Hydra v1.4.6 - OAuth 2.0 Client ID from this request does not match the one from the authorize request

Hello,

After completing the login/consent flow, I get the auth code in the callback URL.
I'm calling the /auth2/token endpoint to exchange the 'code' for an access token and refresh token, but ORY Hydra v1.4.6 is returning the error hint below, which is not enough to analyze/fix the issue. Please help.

time="2020-09-23T13:11:27Z" level=info msg="started handling request" method=POST remote="172.18.0.1:38336" request=/oauth2/token
time="2020-09-23T13:11:27Z" level=error msg="An error occurred" description="The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client" error=invalid_grant hint="The OAuth 2.0 Client ID from this request does not match the one from the authorize request."

cURL code for /auth2/token request:

curl --location --request POST 'http://<IP_ADDRESS>/oauth2/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --header 'Accept: application/json' \
  --data-urlencode 'grant_type=authorization_code' \
  --data-urlencode 'scope=openid offline offline_access' \
  --data-urlencode 'code=UjpzQ4DTC3gOHLYlKgk2lG3_c-So3drqdH8w0Vqbb4I.x0Hi8a9R9I9yv4kJLzHyPxMmFDgim0GxSJtx2fsmNSs' \
  --data-urlencode 'redirect_uri=https://<IP_ADDRESS>/oauth-service/callback' \
  --data-urlencode 'code_verifier=782da554-6ca9-44d7-808b-1d88fd98123b'

cURL command to update the client:
curl --location --request PUT 'https://<IP_ADDRESS>:9001/clients/MY_WEB_APP_CLIENT_ID' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --data-raw '{
    "client_id": "MY_WEB_APP_CLIENT_ID",
    "client_name": "MY_WEB_APP_CLIENT_ID",
    "client_secret": "MY_WEB_APP_CLIENT_ID",
    "client_secret_expires_at": 0,
    "created_at": "2020-04-06T12:34:42Z",
    "grant_types": ["authorization_code","refresh_token"],
    "token_endpoint_auth_method": "client_secret_basic",
    "redirect_uris": ["https://<IP_ADDRESS>/oauth-service/callback"]
  }'

You need to include the client ID and secret in the request to the /oauth2/token endpoint, otherwise this will not work. I recommend using a library instead: https://oauth.net/code/
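
An added example (not part of the original posts and not ORY Hydra's own code): the token request built in Python with the client ID and secret sent as HTTP Basic credentials, matching the `client_secret_basic` method registered for the client in the question. The host names, secret and code are constructed placeholders, and the request is built but not sent so the example runs offline.

```python
import base64
import urllib.parse
import urllib.request


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """Authorization header for client_secret_basic (RFC 6749, section 2.3.1).

    Both values are form-urlencoded first, then joined with ':' and base64-encoded.
    """
    user = urllib.parse.quote_plus(client_id)
    password = urllib.parse.quote_plus(client_secret)
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def build_token_request(token_url, client_id, client_secret, code, redirect_uri,
                        code_verifier=None):
    """Return a urllib Request for the authorization_code exchange."""
    form = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the one used in the authorize request
    }
    if code_verifier is not None:
        form["code_verifier"] = code_verifier
    return urllib.request.Request(
        token_url,
        data=urllib.parse.urlencode(form).encode("ascii"),
        headers={
            # The credentials identify the client the code was issued to.
            "Authorization": basic_auth_header(client_id, client_secret),
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json",
        },
        method="POST",
    )


if __name__ == "__main__":
    # Constructed placeholder values; substitute the real deployment's values.
    req = build_token_request(
        "https://hydra.example/oauth2/token",
        "MY_WEB_APP_CLIENT_ID", "constructed-secret",
        code="constructed-code",
        redirect_uri="https://app.example/oauth-service/callback",
    )
    print(req.get_method(), req.full_url)
    print(req.data.decode())
    # urllib.request.urlopen(req) would send it; omitted so this runs offline.
```
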