0 Replies Latest reply on Jan 9, 2020 4:55 AM by 2807207

    OAM 11.1.2.3 token validation not working

    2807207

      Hi,

       

      I am trying to use OAM 11g(11.1.2.3) OAUTH feature but facing token validation issue while validating token through REST service.

       

      Following is the service I am using to generate token, which is generating token as below.

       

      URI : http://<host>:<port>/ms_oauth/oauth2/endpoints/oauthservice/tokens

      Service type : POST

      Headers :

           Content-Type: application/x-www-form-urlencoded

           Authorization: Basic <base64 encoded clientid:clientsecret>

      grant_type : client_credentials

       

      Response :

      {

        "oracle_client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",

        "expires_in": 604800,

        "token_type": "Bearer",

        "oracle_tk_context": "client_assertion",

        "access_token": "<generated token>"

      }

       

      the above service seems working as expected, but when I invoke the token validation service with above generated token it's not validating and giving error -

      Token validation REST service details -

       

      URI :   http://<host>:<port>/ms_oauth/oauth2/endpoints/oauthservice/tokens

      Form URL Encoded params :

           assertion : "<generated token>"

           grant_type : oracle-idm:/oauth/grant-type/resource-access-token/jwt

           oracle_token_action : validate

       

      Headers :

           Content-Type: application/x-www-form-urlencoded

           Authorization: Basic <base64 encoded clientid:clientsecret>

       

      Response :

      {

        "error": "invalid_grant",

        "error_description": "Mismatched assertions in token, including assertion: oracle.oauth.tk_context "

      }

       

      Please help to resolve this issue, is there any other parameter needs to be sent either in token generation service or token validation service?

       

      Thank you.