passwordless login with api is not working

[esasiyunx]

greetings, my direct grant flow is like this ;

My docker compose settings are like this;

using your dummy provider I send a request like this and get an authentication code, localhost:8080/realms/master/sms/authentication-code?phoneNumber=+905061547915

and then I go to this endpoint to get the token using the verification code I received.

curl -X POST \ 'http://localhost:8080/realms/master/protocol/openid-connect/token' \ --header 'Accept: /' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=password' \ --data-urlencode 'client_id=account' \ --data-urlencode 'client_secret=UB3PXYC3v8oasalVzCFlGBUh1Wd23bUe' \ --data-urlencode 'phone_number=+905061547915' \ --data-urlencode 'code=441457'

and this is the answer I got;

{ "error": "invalid_grant", "error_description": "Invalid user credentials" }

And here's the detail;

examples-keycloak-1 | 2023-08-31 12:48:39,383 INFO [cc.coopersoft.keycloak.phone.providers.spi.impl.DefaultPhoneVerificationCodeProvider] (executor-thread-21) valid AUTH , phone: +905061547915, code: 239254 examples-keycloak-1 | 2023-08-31 12:48:39,386 INFO [cc.coopersoft.keycloak.phone.authentication.authenticators.directgrant.AuthenticationCodeAuthenticator] (executor-thread-21) Grant authenticator valid code failure: javax.ws.rs.BadRequestException: There is no valid ongoing authentication process examples-keycloak-1 | at cc.coopersoft.keycloak.phone.providers.spi.impl.DefaultPhoneVerificationCodeProvider.validateCode(DefaultPhoneVerificationCodeProvider.java:149) examples-keycloak-1 | at cc.coopersoft.keycloak.phone.authentication.authenticators.directgrant.AuthenticationCodeAuthenticator.lambda$validateVerificationCode$2(AuthenticationCodeAuthenticator.java:43) examples-keycloak-1 | at java.base/java.util.Optional.ifPresentOrElse(Optional.java:196) examples-keycloak-1 | at cc.coopersoft.keycloak.phone.authentication.authenticators.directgrant.AuthenticationCodeAuthenticator.validateVerificationCode(AuthenticationCodeAuthenticator.java:41) examples-keycloak-1 | at cc.coopersoft.keycloak.phone.authentication.authenticators.directgrant.AuthenticationCodeAuthenticator.lambda$authenticate$0(AuthenticationCodeAuthenticator.java:33) examples-keycloak-1 | at java.base/java.util.Optional.ifPresentOrElse(Optional.java:196) examples-keycloak-1 | at cc.coopersoft.keycloak.phone.authentication.authenticators.directgrant.AuthenticationCodeAuthenticator.authenticate(AuthenticationCodeAuthenticator.java:33) examples-keycloak-1 | at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:445) examples-keycloak-1 | at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:249) examples-keycloak-1 | at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:380) examples-keycloak-1 | at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:249) examples-keycloak-1 | at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:1025) examples-keycloak-1 | at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.resourceOwnerPasswordCredentialsGrant(TokenEndpoint.java:637) examples-keycloak-1 | at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequestInternal(TokenEndpoint.java:222) examples-keycloak-1 | at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.access$100(TokenEndpoint.java:130) examples-keycloak-1 | at org.keycloak.protocol.oidc.endpoints.TokenEndpoint$1.runInternal(TokenEndpoint.java:184) examples-keycloak-1 | at org.keycloak.common.util.ResponseSessionTask.run(ResponseSessionTask.java:67) examples-keycloak-1 | at org.keycloak.common.util.ResponseSessionTask.run(ResponseSessionTask.java:44) examples-keycloak-1 | at org.keycloak.models.utils.KeycloakModelUtils.runJobInRetriableTransaction(KeycloakModelUtils.java:299) examples-keycloak-1 | at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequest(TokenEndpoint.java:177) examples-keycloak-1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) examples-keycloak-1 | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) examples-keycloak-1 | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) examples-keycloak-1 | at java.base/java.lang.reflect.Method.invoke(Method.java:568) examples-keycloak-1 | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170) examples-keycloak-1 | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474) examples-keycloak-1 | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141) examples-keycloak-1 | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32) examples-keycloak-1 | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492) examples-keycloak-1 | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261) examples-keycloak-1 | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161) examples-keycloak-1 | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) examples-keycloak-1 | at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164) examples-keycloak-1 | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247) examples-keycloak-1 | at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73) examples-keycloak-1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151) examples-keycloak-1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82) examples-keycloak-1 | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42) examples-keycloak-1 | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) examples-keycloak-1 | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84) examples-keycloak-1 | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71) examples-keycloak-1 | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) examples-keycloak-1 | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430) examples-keycloak-1 | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408) examples-keycloak-1 | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) examples-keycloak-1 | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) examples-keycloak-1 | at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82) examples-keycloak-1 | at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576) examples-keycloak-1 | at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449) examples-keycloak-1 | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478) examples-keycloak-1 | at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29) examples-keycloak-1 | at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29) examples-keycloak-1 | at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) examples-keycloak-1 | at java.base/java.lang.Thread.run(Thread.java:833) examples-keycloak-1 | examples-keycloak-1 | examples-keycloak-1 | 2023-08-31 12:48:39,392 WARN [org.keycloak.events] (executor-thread-21) type=LOGIN_ERROR, realmId=47f61b65-4ab5-406e-8396-448de1dccea4, clientId=account, userId=eb6273f3-251d-41fe-8432-64846f93fc28, ipAddress=127.0.0.1, error=invalid_user_credentials, auth_method=openid-connect, grant_type=password, client_auth_method=client-secret, authSessionParentId=43894ddf-85f6-42ea-8391-c32e71dcc211, authSessionTabId=NXOCqIdYIBM

can you tell me what I did wrong?

[sl1mpshady]

+1