Open davideke1 opened 10 months ago
Make sure to send client_id and client_secret, Also make sure you get the value of the client_secret before saving the app
@davideke1 and what are you sending in the request? what client_id are you using? is the client_secret correct? What is the client id and secret for your app?
I am sending the Google client ID The client secret is the one generated by the ouath system
@davideke1 What google client_id? the client_id should be set on your application. Are you send the client_id from the application or a client_id you got from google? DOT is an IDP and does no work as a RP or OAuth client for Google.
The client ID and secret is the generated one by the application and the token is the one received by the Google login and in the back end the client ID and secret key is the one generated by the oauth credentials from the cloud account
It looks like you want people to login to your website using their google credentials. Is that what you're trying to acheive?
Yes and I am using react for the front end
Django Oauth Toolkit isn't the library to use to allow people to login to your website with their google credentials. It is the library you use if you want other people to be able to login to other sites with credentials from your IDP... Ie) You want to be the google, or you have multiple independent sites and want to use OAuth as a form of SSO.
It sounds like that you want is django-allauth or django-social-auth. They're OAuth 'clients'.
DOT is an OAuth Server framework, not a client framework.
{"error":"access_denied","error_description":"Your credentials aren't allowed"}