Reputation: 236
WSO2 API Manager Client Credentials renew token
I am trying to renew the token generated through API Manager.
The curl statement for generate token is:
curl -k -d "grant_type=client_credentials" -H "Authorization: Basic TDQ0SktDZm5DcVVDSVBjdGYwVDIyRWwwUGY4YT
o2d19NQm9xYnBFXzRLNHR0Wkc0NXhxd0NMTDRh , Content-Type: application/x-www-form-urlencoded" https://10.108.106.214:8250/token
The response is
"scope":"am_application_scope default","token_type":"bearer","expires_in":1094,"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"
Based on the documentation it is supposed to generate a retoken which is not being genarated. What am I missing?
Also when I pass the grant_type as refresh_token. I get a invalid grant error.
curl -X POST -H "Authorization: Basic TDQ0SktDZm5DcVVDSVBjdGYwVDIyRWwwUGY4YTo2d19NQm9xYnBFXzRLNHR0Wkc0NXhxd0NMTDRh" -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=refresh_token&refresh_token=6d1d0f8afbd147d24bcd42bbc5361a1' 'https://10.108.106.214:8250/token'
I am referring to the documentation in the URL https://docs.wso2.com/display/AM191/Token+API#TokenAPI-RenewingaccesstokensRenewing
So what am I missing?
Upvotes: 5
Views: 1284
Answers (2)
Reputation: 87
If i am not mistaken, in the response you have received.
"scope":"am_application_scope default","token_type":"bearer","expires_in":1094,"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"
This is the new access token.
access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"
Take note of the current token, then run the curl command again. The response should be a different token.
Upvotes: 0
Reputation: 32458
According to the OAuth 2.0 Authorization Protocol specification, grant_type client_credentials should not issue refresh token.
If the access token request is valid and authorized, the authorization server issues an access token as described in Section 5.1. A refresh token SHOULD NOT be included.
You have to use Password Grant Type
Request :
curl -k -d "grant_type=password&username=admin&password=admin" -H "Authorization: Basic bkxidjNPTnYxQ25iTXBRY2E3V3hPajdaMUVZYTpuTUQzX0tKQkhGRmxFUUlXdllmSjdTUFlleThh, Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
Response :
{"scope":"default","token_type":"bearer","expires_in":3247,"refresh_token":"91729a78a96b58d80d869f3ec2ce8b8","access_token":"ec54b39dd9503c9f65df84b67ea586"}
Use the refresh_token to Renewing access tokens
Upvotes: 3
Related Questions
- Wso2 Api Manager - OAuth Token Error- OAuth application is not in active state
- Requesting Access Token from WSO2 API Manager via Token API
- WSO2 api manager - refresh token request format
- Wso2: Error while renewing Access Token for Consumer Key xxxx and user admin
- WSO2 APIM Authentication
- WSO2 API Manager Authentication
- WSO2 Api Manager 1.7 : Unable to regenerate access token
- How to refresh the access token of an Application with the WSO2 API Manager 1.10.0?
- Getting error while Regenerate Application AccessToken using Curl command in wso2 API manager 1.8.0
- WSO2 API Manager - API authentication failure - Required OAuth credentials not provided