Reputation: 1104
Using Client Credentials flow grant/ to request an access token for Admin/Alert() API call
I am trying to use a Client Credentials grant flow to obtains any API access token for Jack Henry Digital Toolkit Admin/Alerts() request, but keep getting the following error response:
{"error":"invalid_request","error_description":"no client authentication mechanism provided"}
Below is an example of my curl request which attempts to use a SignedJWT (client_assertion) to authenticate rather than the client secret.
curl —request POST --url 'https://banno.com/a/oidc-provider/api/v0/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data-urlencode client-id=$CLIENT_ID \
--data-urlencode grant_type=client_credentials \
--data-urlencode client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer \
--data-urlencode client-assertion=$SIGNED_JWT
Our client-assertion header/payload is similar to the following example:
{
"alg": "PS256",
}
{
"jti": "065d67c7-41f9-4da0-bdb6-1197d128dcc8",
"aud": "https://banno.com/a/oidc-provider/api/v0/token",
"sub": "OUR EXTERNAL APPLICATION CLIENT ID",
"iss": "OUR EXTERNAL APPLICATION CLIENT ID",
"iat": 1693247831,
"exp": 1693247891
}
Upvotes: 0
Views: 280
Answers (1)
Reputation: 360
The endpoint is expecting the parameters in snake case. Try swapping client-assertion with client_assertion. You shouldn't need the client-id either.
I'd also encourage you to take a look at our node.js sample: https://github.com/Banno/banno-client-creds-helper/blob/master/lib/commands/client-assertion.js
Upvotes: 1
Related Questions
- Is it possible to obtain a token for the Consumer API using only my configured client_id and client_secret?
- Is it possible to get Admin API Access for the Garden FI?
- Banno Authorization API - obtaining addtional claims for Admin/Alert API thru auth grant flow
- Banno Invalid Client access_token issue when using Postman
- Banno Admin API for External Transfers
- Banno Admin API - Invalid Client