403 Forbidden | Access Token

aks · March 13, 2020, 6:37am

Hi,

I’m trying to generate an access_token using the password/client_credentials grant type, but I’m receiving “403 Forbidden”

{
“message”: “You cannot consume this service”
}

for the request,
curl --location --request POST ‘https://localhost:8443/mock/oauth2/token’
–header ‘host: mockbin.org’
–header ‘Authorization: Basic {client_id:client_secret}’
–header ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode ‘grant_type=password’
–data-urlencode ‘client_id={client_id}’
–data-urlencode ‘client_secret={client_secret}’
–data-urlencode ‘provision-key=oqmya7bq4vJ1QWuWMHjaF6k6KsH3E4oG’
–data-urlencode ‘scope=read’
–data-urlencode ‘authenticated_userid=oauth-consumer’

I have tried using client_credentials grant_type as well but getting the same response.

Thanks
Any Response would much be appreciated.

Hamed_Hatami · March 13, 2020, 12:11pm

First thing that I’m seeing in your request is that you’re using Basic Authorization which might be wrong

I guess below could be the right one

–header ‘Authorization: Bearer {client_id:client_secret}’

Moreover, I suggest to use JWT plugin instead

Topic		Replies	Views
OAuth2 Client Credentials Flow - Issue with Access Token Questions	2	1008	September 19, 2018
OAuth2 Client Credential multiple Access Token	0	483	January 23, 2018
Sample Oauth2 config.enable_client_credentials=true example Questions	1	385	October 13, 2020
Oauth Client Credentials Kong Hub	2	1028	April 17, 2020
Cannot get grant_type=password Oauth2 plugin to return tokens Questions	0	352	November 23, 2019

403 Forbidden | Access Token

Related Topics