Open azimhossaintuhin opened 3 months ago
You must use the client secret before it is hashed by pbkdf2, you are using the hashed version. It says you to save the secret before saving the application.
That is correct. When you create your application, copy the client_secret (you can deselected the Hash checkbox) and save it. This shall solve your issue.
After Creating An Application With Client Type "Confidential" and Authorization grant type: Resource owner password-based When I Request An Token And Hit The Route http://127.0.0.1:8000/auth/token with Json Body This { "username": "username" , "password":"password", "grant_type": "password", "client_id": "kRMUn5rVjGowZpqe8cqi20Ldghny5ARm7FLUke9g", "client_secret": "pbkdf2_sha256$720000$tNZxT5vI4mTyYgfrcZIZAO$MYQNjZCcURvHG18YsGfH4hSHrnjpXNcomoRYfXppVSc=" } which is a valid client id and secret key it returns me
{ "error": "invalid_client" } but when i make the Client Type "Public " and hit with the same data the access and refresh token will come