Layer7 API Management

  • 1.  Authorization Code # The given grant is invalid

    Posted Oct 22, 2019 05:31 AM
    Hello Guys,

    While trying to test the authorization code OAuth grant via Postman or curl, it is throwing an error as below:


    curl -i -k -X POST -d "grant_type=authorization_code&code=*******************&client_id=*******************&client_secret=*******************&https://test.gateway.com:8443/oauth/v2/client/authcode?auth=done" https://test.gateway.com:8443/auth/oauth/v2/token
    HTTP/1.1 400 Bad Request
    x-ca-err: 3003113
    Cache-Control: no-store
    Pragma: no-cache
    Content-Type: application/json;charset=UTF-8
    Content-Length: 84
    Date: Tue, 22 Oct 2019 09:50:50 GMT
    Connection: close
    Server: CA-API-Gateway/9.0

    {
    "error":"invalid_grant",
    "error_description":"The given grant is invalid"
    }

    Please advise on how to test "authorization code" via Postman or curl.

    Thanks,
    Ankush


  • 2.  RE: Authorization Code # The given grant is invalid
    Best Answer

    Broadcom Employee
    Posted Oct 22, 2019 05:48 PM
    Dear Ankush,
    You sent a "Bad Request", which means you didn't send the request as per the API spec. Please check the OTK document:
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-server-api-endpoints.html

    It seems your request doesn't have the redirect_uri parameter.

    If you have the test client installed during OTK installation, you can test the authcode flow at (you need to configure the test client first):
    https://test.gateway.com:8443/oauth/v2/client/authcode

    You can capture the traffic to see how to call the token endpoint.

    For more details about the OOTB OAuth test client, you may refer to:
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/installation-workflow/verify-the-installation/run-the-oauth-2-0-test-client.html

    Regards,
    Mark
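
Added example, not part of the original posts or of the OTK: a pre-flight check that splits a token request body the way a form parser would and reports why the body posted in the question carries no `redirect_uri`. Assumptions: the function name, the required-key list (RFC 6749 section 4.1.3 plus the client credentials used in the question), the placeholder values, and that the bare URL at the end of the posted body was meant as the redirect URI.

```shell
#!/bin/sh
# Keys expected in an authorization_code token request (assumed list; confirm
# against the OTK endpoint documentation linked in the answer).
REQUIRED="grant_type code redirect_uri client_id client_secret"

# check_token_body BODY: prints one problem per line, exit status 0 when clean.
# The subshell body keeps the IFS and 'set -f' changes out of the caller.
check_token_body() (
    set -f                      # the URL contains '?', so disable globbing
    nl='
'
    problems='' seen=' '
    IFS='&'
    for pair in $1; do
        key=${pair%%=*}
        case $pair in
            *=*) ;;
            *) problems="${problems}segment without key=value: $pair$nl"
               continue ;;
        esac
        case $key in
            ''|*[!A-Za-z0-9_]*)
               problems="${problems}not a parameter name: $key$nl" ;;
            *) seen="$seen$key " ;;
        esac
    done
    IFS=' '
    for key in $REQUIRED; do
        case $seen in
            *" $key "*) ;;
            *) problems="${problems}missing parameter: $key$nl" ;;
        esac
    done
    printf '%s' "$problems"
    [ -z "$problems" ]
)

# Constructed sample bodies: same shape as the question, placeholder secrets.
BODY_AS_POSTED='grant_type=authorization_code&code=CODE&client_id=ID&client_secret=SECRET&https://test.gateway.com:8443/oauth/v2/client/authcode?auth=done'
BODY_FIXED='grant_type=authorization_code&code=CODE&client_id=ID&client_secret=SECRET&redirect_uri=https%3A%2F%2Ftest.gateway.com%3A8443%2Foauth%2Fv2%2Fclient%2Fauthcode%3Fauth%3Ddone'

echo "as posted:";         check_token_body "$BODY_AS_POSTED" || true
echo "with redirect_uri:"; check_token_body "$BODY_FIXED" && echo "ok"
```

Because the bare URL contains `=`, a form parser reads it as a parameter whose name is the URL up to `?auth`, so the request never supplies `redirect_uri`. With curl, passing each field through its own `--data-urlencode` option percent-encodes the value so the `?` and `=` inside the redirect URI are not read as separators.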