search

usebruno / bruno

Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)
https://www.usebruno.com/
MIT License
27.83k stars 1.29k forks source link

OAuth 2.0 with Client Credentials not working #3021

Open codedog opened 2 months ago

codedog commented 2 months ago

I have checked the following:

Describe the bug

I am trying to do OAuth with Client Credentials in Bruno, basically the equivalent of this Postman setup.

Postman_OAuth2 0

It works in Postman but I'm getting an error in Bruno. I can't see the actual request sent out by Bruno, and I'm not sure how I go about diagnosing this issue.

Bruno_OAuth2 0

.bru file to reproduce the bug

No response

Screenshots/Live demo link

I have included screenshots in the description above.

pietrygamat commented 2 months ago

Client ID, secret and access token URL are required fields, you skipped it only for privacy, or you actually did not configure it?

Does it work in Postman if you select client authentication to send in Request body instead of Basic Auth header (possibly the cause, as Bruno uses the latter)?

codedog commented 2 months ago

Client ID, secret and access token are required fields, you skipped it only for privacy, or you actually did not configure it?

Does it work in Postman if you select client authentication to send in Request body instead of Basic Auth header (possibly the cause, as brune uses the latter)?

Yes, I configured those values but censored them in the screenshot.

The docs for this particular API mentions Basic Auth header, and it works. I haven't tried sending it in the body. What does the body content look like in Bruno's case? I can try it when I get back to the office.

pietrygamat commented 2 months ago

What does the body content look like in Bruno's case?

It really is hard to explain in a few words, look at #1999.

Also sending token in Basic Auth header in Bruno is not yet implemented: #2106

codedog commented 2 months ago

Does it work in Postman if you select client authentication to send in Request body instead of Basic Auth header (possibly the cause, as Bruno uses the latter)?

I tried sending client credentials in the body in Postman, and it failed.

pietrygamat commented 2 months ago

That sounds about right, and it looks like you may have to wait for #2106 - which was promised to be delivered during this month. You may try running from the branch behind the link, and it hopefully works for you.