This repository was archived by the owner on Jan 26, 2022. It is now read-only.
Missing Basic authentication in REST authentication documentation #2
Description
The documentation states, that 4 parameters need to be passed to get the Bearer Token: grant_type, scope, client_id, client_secret. When providing those 4 parameters to the API in a self-hosted setup, the server responds only with {"error":"invalid_client"}.
When I was inspecting the request that is made in the API-Documentation (/api/docs) I saw, that Basic-Authentication is used and only the two parameters grant_type and scope are passed as parameter.
$ curl -X POST "http://localhost:8080/identity/connect/token" -H 'Content-Type: application/x-www-form-urlencoded' -d "grant_type=client_credentials&scope=api.organization&client_id=organization.my-org-id&secret=sup3rs3cr3t"
{"error":"invalid_client"}
$
$ curl -X POST "http://localhost:8080/identity/connect/token" -H 'Content-Type: application/x-www-form-urlencoded' -d "grant_type=client_credentials&scope=api.organization" --user "organization:my-org-id:sup3rs3cr3t"
{"access_token":"<access-token>","expires_in":3600,"token_type":"Bearer","scope":"api.organization"}
I couldn't find where the source for the API documentation is stored. Could you please update the documentation to the correct API call (via Basic Authentication).