Bilal
Bilal

Reputation: 1054

IdentityServer 4: Invalid grant type for client: authorization_code

I'm trying to authorize my angular client with identity server. following are the settings for my angular client.

  authority: 'http://localhost:5000',
  client_id: 'clientid',
  redirect_uri: 'https://localhost:44384/auth-callback',
  post_logout_redirect_uri: 'https://localhost:44384/',
  response_type: "code",
  scope: "openid profile",
  filterProtocolClaims: true,
  loadUserInfo: true,
  automaticSilentRenew: true,
  silent_redirect_uri: 'http://localhost:44384/silent-refresh.html'

Similar client is registered at IdentityServer side.

 new Client
 {
     ClientId = "clientid",     
     AllowedScopes = { "openid", "profile" },
     AllowedGrantTypes = GrantTypes.Code,
     RequirePkce = true,
     RequireClientSecret = false,
     AllowAccessTokensViaBrowser = true,
     AllowOfflineAccess = false,
     AccessTokenLifetime = 3600,
     RedirectUris={"https://localhost:44384/auth-callback" },
     PostLogoutRedirectUris=  {"https://localhost:44384/" },
     RequireConsent= false
  }

and it was working fine. but when i moved the same client settings to database, its giving me Invalid grant type for client.

Following are VS logs

[15:15:56 Debug] IdentityServer4.EntityFramework.Stores.ClientStore
clientid found in database: True

[15:15:56 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client clientid succeeded.

[15:15:56 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Checking for PKCE parameters

[15:15:56 Error] IdentityServer4.Validation.AuthorizeRequestValidator: Invalid grant type for client: authorization_code

Database data for client is as following.

enter image description here

and for grantType.

enter image description here

Upvotes: 6

Views: 8407

Answers (1)

Bilal
Bilal

Reputation: 1054

I have figured it out. The GrantType I have mentioned in Database is wrong.

I was writing following code when getting clients from memory. i.e. from appsettings.json file

 new Client
 {
     -------
     -------
     AllowedGrantTypes = GrantTypes.Code,
     --------
     --------
}

And later when I have moved this information to database, I mistakenly used the same grantType i.e. Code, which is wrong. It should be defined like authorization_code.

So by changing GrantType in database from Code to authorization_code. fixed my issue.

Upvotes: 8

Related Questions