Keycloak Missing form parameter: grant_type
Solution 1
You should send your data in a POST request with Content-Type
header value set to application/x-www-form-urlencoded
, not json.
Solution 2
With Curl
curl -X POST \
http://localhost:8080/auth/realms/api-gateway/protocol/openid-connect/token \
-H 'Accept: */*' \
-H 'Accept-Encoding: gzip, deflate' \
-H 'Cache-Control: no-cache' \
-H 'Connection: keep-alive' \
-H 'Content-Length: 73' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Cookie: JSESSIONID=F8CD240FF046572F864DC37148E51128.a139df207ece; JSESSIONID=65D31B82F8C5FCAA5B1577DA03B4647C' \
-H 'Host: localhost:8080' \
-H 'Postman-Token: debc4f90-f555-4769-b392-c1130726a027,d5087d9f-9253-48bd-bb71-fda1d4558e4d' \
-H 'User-Agent: PostmanRuntime/7.15.2' \
-H 'cache-control: no-cache' \
-d 'grant_type=password&client_id=api-gateway&username=admin&password=temp123'
By Postman (Select x-www-form-urlencoded option for parameters)
Solution 3
For those having problems with curl the curl command is as follows
curl -d "client_secret=<client-secret>" -d "client_id=<client-id>" -d "username=<username>" -d "password=<password>" -d "grant_type=password" "http://localhost:8080/auth/realms/<realm-name>/protocol/openid-connect/token"
The curl command works without the Content-Type
header.
Solution 4
For those who landed here from a search looking for JavaScript
solution.
Here is an example when exchanging code
for access_token
with keycloak
authority using axios
.
Sending the request:
const params = new URLSearchParams({
grant_type: 'authorization_code',
client_id: 'client-id-here',
code: 'code-from-previous-redirect',
redirect_uri: location.protocol + '//' + location.host
});
axios({
method: 'post',
url: 'https://my-keycloak.authority/token',
data: params.toString(),
config: {
headers: {'Content-Type': 'application/x-www-form-urlencoded'}
}
}).then(response => {
console.log(response.data);
}).catch(error => {
console.error(error);
});
You are required to send a POST request with the parameters as a URL encoded string in the request body.
FormData object does not work.
Comments
-
Borislav Stoilov almost 2 years
I have keycloak standalone running on my local machine.
I created new realm called 'spring-test', then new client called 'login-app'
According to the rest documentation:
POST: http://localhost:8080/auth/realms/spring-test/protocol/openid-connect/token { "client_id": "login-app", "username": "user123", "password": "pass123", "grant_type": "password" }
should give me the jwt token but I get bad request with response
{ "error": "invalid_request", "error_description": "Missing form parameter: grant_type" }
I am assuming that something is missing in my configuration.
EDIT: I was using json body but it should be
application/x-www-form-urlencoded
: the following body works:token_type_hint:access_token&token:{token}&client_id:{client_id}&client_secret:{client_secret}
-
Ognjen Mišić about 5 yearsI'm still having the same issue, even if i set the content type to be urlencoded: curl -d '{"grant_type": "password", "username": "user", "password": "pass", "client_id": "login-app"}' -H "Content-Type: application/x-www-form-urlencoded" -X POST "localhost:8082/auth/realms/ina-dev/protocol/openid-connect/…" {"error":"invalid_request","error_description":"Missing form parameter: grant_type"}
-
ipave about 5 yearsbecause you send json data, you should use -d "param1=value1¶m2=value2" syntaxis
-
Avión about 5 yearsThis is not working. How do you set that
-d
stuff in postman, @ipave? -
ipave about 5 years@Avión here is a link - learning.getpostman.com/docs/postman/sending_api_requests/…
-
masterxilo almost 5 yearsThanks, I was sending "multipart/form-data; boundary=--------------------------616846104444017186133807"
-
aswzen almost 4 yearsdon't forget to put
client_secret
-
Syam Sankar over 3 yearsThere is an easy way to get token without using query string. const config = { headers: {'Content-Type': 'application/x-www-form-urlencoded'} }; const formParameter =
client_id=KEYCLOAK_CLIENT_ID&client_secret=KEYCLOAK_CLIENT_SECRET&grant_type=KEYCLOAK_API_GRANT_TYPE
; axios.post(REQUEST_URL,formParameter,config); -
Scratte about 3 years
-
Sudarshan about 2 yearsquerystring is depricated now github.com/nodejs/node/blob/v17.0.0/lib/querystring.js
-
Jonathan Beadle about 2 yearsSince querystring is depricated as @sudarshan pointed out, we can use URLSearchParams instead. In this code snippet we can substitute
new URLSearchParams(params)
forqueryString.stringify(params)
. URLSearchParams should be supported in newer versions of node and the browser. If your version of node doesn't have support for it we can use a polyfill