Reputation: 106
Invalid scope when using authorization code flow
I want to provide an access token to a mobile client to execute the following request:
https://my.tapkey.com/api/v1/Users/${id}/Mobiles
But then I get this error:
{"Message":"Authorization has been denied for this request."}
The error is consistent with lack of provision for scopes: But this scope is only available under Token Exchange and my current method is authorization code.
When I try adding the scope register:mobile I get this error:
Sorry, there was an error: invalid_scope
Request Id: 80020549-0000-d600-b63f-84710c7967bb
Upvotes: 1
Views: 314
Answers (1)
Reputation: 475
Using the scope register:mobile is only available for token-exchange clients.
https://developers.tapkey.io/api/scopes/#only-for-token-exchange-clients
Creating a third party app with unlocking experience is not available in combination of Tapkey users (authorization code flow). You have to use your own independent users with an Identity Provider and token exchange flow.
Because we don't know much about your use case, my colleague already contacted you and offered a consulting call. I encourage you to get in contact with him and explain your overall solution and discuss how to efficient integrate with Tapkey.
Upvotes: 1
Related Questions
- TapKey - Getting a 403 forbidden error when trying to view own locks via the API
- Keycloak - Use Client scope with client_credentials and authorization code flow
- Token exchange flow - how to register and login user
- Tapkey Web API - Problem when Registering OAuth clients [Tapkey]
- No HTTP resource was found that matches the request URI hen revoking grants
- Call to create grants for a user contact returns `500` error code
- Missing refresh_token when using authorization code with PKCE
- Tapkey token exchange is successful, but getting a 400 Bad Request when trying to login
- invalid_scope error in access token for client credential flow
- Google Authorization Code Flow - Getting Access Token Returns "unauthorized_client"