oauth2 error AADSTS90014: The request body must contain the following parameter: 'grant_type'
Solution 1
You shouldn't send grant_type in either params or headers. It should be sent in the body params; only then will it work.
Url: https://login.microsoftonline.com/common/oauth2/v2.0/token
The client_id, scope and redirect_uri params can be sent as query params, whereas grant_type, code and client_secret should be sent in body params.
grant_type:authorization_code,
code: {code you got from the authorization step},
client_secret: ****
Solution 2
You need to pass everything in the body as form-data:
curl --location --request POST 'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token' \
--form 'grant_type=authorization_code' \
--form 'code=<the code you have got from the authorization endpoint>' \
--form 'client_secret=****' \
--form 'client_id=********' \
--form 'scope=m_sScope' \
--form 'redirect_uri=http://localhost/'
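The parameter placement from Solution 2, as an added Python example that is not part of the original answers: it builds the token request with every parameter form-encoded in the body, audits a request for parameters left in headers or the query string, and masks the secrets before the body is logged. The function names, the REDACTED mask and the sample values are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

TOKEN_URL = "https://login.microsoftonline.com/common/oauth2/v2.0/token"  # from the page
BODY_PARAMS = ("grant_type", "code", "client_id", "client_secret",
               "scope", "redirect_uri")  # everything in the body, as in Solution 2
SENSITIVE = ("code", "client_secret")    # values that must not reach URLs or logs

def build_token_request(code, client_id, client_secret, redirect_uri, scope):
    """Return (url, headers, body) with every parameter form-encoded in the body."""
    fields = {"grant_type": "authorization_code", "code": code,
              "client_id": client_id, "client_secret": client_secret,
              "scope": scope, "redirect_uri": redirect_uri}
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return TOKEN_URL, headers, urlencode(fields).encode("ascii")

def audit_token_request(url, headers, body):
    """Report parameters that are absent from the body or exposed outside it."""
    in_body = parse_qs(body.decode("ascii"), keep_blank_values=True)
    in_query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    in_headers = {name.lower() for name in headers}
    findings = []
    for name in BODY_PARAMS:
        if name not in in_body:
            where = ("sent as header" if name in in_headers
                     else "sent in query string" if name in in_query
                     else "not sent at all")
            findings.append(f"{name}: not in body ({where})")
    for name in SENSITIVE:
        if name in in_headers or name in in_query:
            findings.append(f"{name}: secret sent outside the body")
    return findings

def redact_for_log(body):
    """Return the form body with secret values masked, for writing to a log file."""
    pairs = parse_qs(body.decode("ascii"), keep_blank_values=True)
    return urlencode({k: "REDACTED" if k in SENSITIVE else v[0]
                      for k, v in pairs.items()})

# Constructed sample: the question's request, parameters as headers and an empty body.
broken_headers = {"Content-Type": "application/x-www-form-urlencoded",
                  **{name: "xxxxxxx" for name in BODY_PARAMS}}
print(audit_token_request(TOKEN_URL, broken_headers, b""))
# Constructed sample values for the corrected request.
url, headers, body = build_token_request(
    "xxxxxxx", "xxxxxxx", "xxxxxxx", "http://localhost/", "openid offline_access User.Read")
print(audit_token_request(url, headers, body), redact_for_log(body))
```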
Adjan
Updated on July 09, 2022
Comments
-
Adjan almost 2 years
From the development in Windev I use Oauth 2.0 for authorization to get access to the outlook mail from a user.
The application is registered at https://apps.dev.microsoft.com without the Implicit workflow. After the user enters the credentials, an Authorization Code is returned. With the new code the Bearer Token is requested with an HTTP POST command.
So far, so good.
Only that the response gives an error message that makes no sense to me.
In code:
m_sHTTPUrl = "client_id=" + m_sClientID + "&client_secret=" ...
    + m_sClientSecret ...
    + "&redirect_uri=" + m_sRedirectURL + "&code=" + m_sAuthToken ...
    + "&grant_type=authorization_code"
m_sHTTPres = ""
LogLocalFile("GetAccessToken - " + m_sTokenURL + " // " + m_sHTTPUrl)
cMyRequest is httpRequest
cMyRequest..Method = httpPost
cMyRequest..URL = m_sTokenURL
cMyRequest..ContentType = "application/x-www-form-urlencoded"
cMyRequest..Header["grant_type"] = "authorization_code"
cMyRequest..Header["code"] = m_sAuthToken
cMyRequest..Header["client_id"] = m_sClientID
cMyRequest..Header["client_secret"] = m_sClientSecret
cMyRequest..Header["scope"] = m_sScope
cMyRequest..Header["redirect_uri"] = m_sRedirectURL
//cMyRequest..Content = m_sHTTPUrl
cMyResponse is httpResponse = HTTPSend(cMyRequest)
m_sHTTPres = cMyResponse.Content
In a logfile I requested the used parameters and the content of the httpResponse:
GetAccessToken - https://login.microsoftonline.com/common/oauth2/v2.0/token // grant_type=authorization_code &code=xxxxxxx &scope=openid+offline_access+User.Read+Email+Mail.Read+Contacts.Read &redirect_uri=http://localhost/ &client_id=xxxxxxx &client_secret=xxxxxxx
GetAccessToken - error = invalid_request
GetAccessToken - error_description = AADSTS90014: The request body must contain the following parameter: 'grant_type'.
The grant_type is in the header as it is supposed to be.
Does anybody have any clue of what is needed to get OAuth2 working?
-
Bidjes about 6 years
-
Adjan about 6 years
Thanks for the direction. a) It has to be in the body, not in the header. b) It has to be encoded, in plain text. Then it works.
-
Mahesh Samudra almost 4 years
To convert params to formdata - stackoverflow.com/a/47630754/1481519
-
Julien Seligmann over 3 years
client_id, scope and redirect_uri must also be sent in the body
-
Askdesigners over 3 years
my god this service is such a turd!
-
Christopher Pisz over 3 years
Does this also apply to the auth part? I am getting this error at the authorize endpoint, which as I understand it, comes before the token endpoint call.
-
perustaja almost 3 years
Read this if you are using axios to create the params properly. All of the params went in this way and it worked for me.