I’ve tried using the OAuth2 plugin with Kong Community Edition, configuring it on one of our APIs to support both client credentials as well as authorization code flows. However, when I attempt to obtain a token using client credentials in either postman or SoapUI, I get an error response that “no API found with those values”, which typically means Kong was unable to route the request to an API because nothing is configured at that endpoint.
According to the OAuth2 plugin docs, by default the plugin should be listening to both /oauth2/authorize and /oauth2/token. Is there additional setup or configuration required to get the OAuth2 plugin listening at those endpoints?
by default the plugin should be listening to both /oauth2/authorize and /oauth2/token
This is slightly inaccurate. What the documentation means, is that the OAuth2 plugin will make an API listen to those endpoints. In order to hit those, you first need to match the API in Kong (with any
method you defined on the API), and then, append
/oauth2/authorize to the request’s URL.
Example with the following API:
The request should look like this:
POST /foo/oauth2/authorize HTTP/1.1
I hope this example is clear enough. Of course you should not register an API that matches only
GET requests and expect being able to generate tokens for it… This is likely to be improved in the future.
Thank you for your clarification. I think the plugin documentation needs to be more explicit in its explanation. Your explanation was exactly what is needed!
We welcome improvement Pull Requests for our docs - see https://github.com/Kong/getkong.org and thanks in advance!