Reputation: 41
Tapkey Token Exchange returns 400 bad request invalid_grant
regarding tapkey token exchange flow: when exchanging access tokens through https://login.tapkey.com/connect/token api, I get error code 400 with error message invalid_grant
I am aware of a similar question and the solution in: Tapkey returns 400 bad request invalid_grant
My jwt token contains of the following: Header:
{
"alg": "RS256"
}
Payload:
{
"algorithm": "RS256",
"audience": "local",
"iat": 1633339589,
"exp": 1633343189,
"issuer": "tapkey",
"subject": "myIpUserID1"
}
Before I make the API call I generate the jwt token with "iat": Time.now.to_i and "exp": Time.now_to_i + 3600, the call is done a few seconds later, manually.
Beforehand I created a IdentityProviderUser via API with the "IpID": "myIpUserID1", and got a success response with a new User-ID (ID).
I also tried to make the https://login.tapkey.com/connect/token api-call with "subject" to be set to that returned User-ID, but that gave me the same error message.
Upvotes: 0
Views: 123
Answers (1)
Reputation: 475
The payload field for the UserId is expected to be "sub" not "subject"
Upvotes: 0
Related Questions
- Keycloak API always returns 401
- How to solve - Keycloak - Client not allowed to exchange
- TapKey - Getting a 403 forbidden error when trying to view own locks via the API
- Tapkey Web API - Problem when Registering OAuth clients [Tapkey]
- No HTTP resource was found that matches the request URI hen revoking grants
- Invalid scope when using authorization code flow
- Call to create grants for a user contact returns `500` error code
- Missing refresh_token when using authorization code with PKCE
- How do I properly revoke a grant using the tapkey management api?
- Tapkey token exchange is successful, but getting a 400 Bad Request when trying to login