need full steps to set client secret key and how to use in postman to get token.
I want to get api token based on client secrete key and gives error "Invalid_Client" when we set require client secret in abp commercial settings.hope now you understand. give us the steps to use client secret as required and how to get the token with client secret key in postman.
10 Answer(s)
-
0
hi Naren
I will try to share the full steps and code.
-
1
[10:24:04 DBG] Secret validators could not validate secret [10:24:04 INF] {"ClientId": "QAX_App", "Category": "Authentication", "Name": "Client Authentication Failure", "EventType": "Failure", "Id": 1011, "Message": "Invalid client secret", "ActivityId": "0HM7F6ITJS7FV:00000006", "TimeStamp": "2021-03-25T02:24:04.0000000Z", "ProcessId": 16676, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "ClientAuthenticationFailureEvent"} [10:24:04 ERR] Client secret validation failed for client: QAX_App. [10:24:04 INF] Request finished HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 71 - 400 - application/json;+charset=UTF-8 43.6361ms
After add Client_Secret:
[10:26:16 INF] Request starting HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 95 [10:26:16 DBG] Request path /connect/token matched to endpoint type Token [10:26:16 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint [10:26:16 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token [10:26:16 DBG] Start token request. [10:26:16 DBG] Start client validation [10:26:16 DBG] Start parsing Basic Authentication secret [10:26:16 DBG] Start parsing for secret in post body [10:26:16 DBG] Parser found secret: PostBodySecretParser [10:26:16 DBG] Secret id found: QAX_App [10:26:16 DBG] client configuration validation for client QAX_App succeeded. [10:26:16 DBG] Secret validator success: HashedSharedSecretValidator [10:26:16 DBG] Client validation success [10:26:16 INF] {"ClientId": "QAX_App", "AuthenticationMethod": "SharedSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z", "ProcessId": 1667 6, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "ClientAuthenticationSuccessEvent"} [10:26:16 DBG] Start token request validation [10:26:16 DBG] Start resource owner password token request validation [10:26:16 WRN] Ldap login feature is not enabled! [10:26:16 INF] Credentials validated for username: admin [10:26:16 INF] {"Username": "admin", "Provider": null, "ProviderUserId": null, "SubjectId": "8a0ff9af-ed31-29e9-fc65-39fb795c9baa", "DisplayName": null, "Endpoint": "Token", "ClientId": "QAX_App", "Category": "Authentication", "Name": "User Login Success", "EventType": "Success", "Id": 1000, "Message": n ull, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z", "ProcessId": 16676, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "UserLoginSuccessEvent"} [10:26:16 DBG] Resource owner password token request validation success. [10:26:16 INF] Token request validation success, {"ClientId": "QAX_App", "ClientName": "QAX_App", "GrantType": "password", "Scopes": "address email offline_access openid phone profile QAX role", "AuthorizationCode": "********", "RefreshToken": "********", "UserName": "admin", "AuthenticationContextRefere nceClasses": null, "Tenant": null, "IdP": null, "Raw": {"Client_Id": "QAX_App", "UserName": "admin", "Password": "***REDACTED***", "grant_type": "password", "Client_Secret": "***REDACTED***"}, "$type": "TokenRequestValidationLog"} [10:26:16 DBG] Getting claims for access token for client: QAX_App [10:26:16 DBG] Getting claims for access token for subject: 8a0ff9af-ed31-29e9-fc65-39fb795c9baa [10:26:16 DBG] Creating refresh token [10:26:16 DBG] Setting an absolute lifetime: 31536000 [10:26:16 INF] {"ClientId": "QAX_App", "ClientName": "QAX_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": "8a0ff9af-ed31-29e9-fc65-39fb795c9baa", "Scopes": "address email offline_access openid phone profile QAX role", "GrantType": "password", "Tokens": [{"TokenType": "refresh_token", "TokenV alue": "****B62F", "$type": "Token"}, {"TokenType": "access_token", "TokenValue": "****497A", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "0HM7F6ITJS7FV:00000008", "TimeStamp": "2021-03-25T02:26:16.0000000Z", "ProcessId": 16676, "LocalIpAddress": "::1:44328", "RemoteIpAddress": "::1", "$type": "TokenIssuedSuccessEvent"} [10:26:16 DBG] Token request success. [10:26:16 INF] Request finished HTTP/1.1 POST https://localhost:44328/connect/token application/x-www-form-urlencoded 95 - 200 - application/json;+charset=UTF-8 220.1673ms
-
0
-
0
hi
Please share the error logs of invalid_client.
-
0
Hi Where we will get this error log?
-
0
It's located at Logs/logs.txt by default.
-
0
2021-03-25 11:56:57.205 +05:30 [INF] Request starting HTTP/1.1 POST https://localhost:44318/connect/token application/x-www-form-urlencoded 137 2021-03-25 11:56:57.221 +05:30 [DBG] Request path /connect/token matched to endpoint type Token 2021-03-25 11:56:57.236 +05:30 [DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint 2021-03-25 11:56:57.236 +05:30 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token 2021-03-25 11:56:57.236 +05:30 [DBG] Start token request. 2021-03-25 11:56:57.236 +05:30 [DBG] Start client validation 2021-03-25 11:56:57.236 +05:30 [DBG] Start parsing Basic Authentication secret 2021-03-25 11:56:57.236 +05:30 [DBG] Start parsing for secret in post body 2021-03-25 11:56:57.236 +05:30 [DBG] Parser found secret: PostBodySecretParser 2021-03-25 11:56:57.236 +05:30 [DBG] Secret id found: xxxxx 2021-03-25 11:56:57.248 +05:30 [DBG] client configuration validation for client xxxxx succeeded. 2021-03-25 11:56:57.248 +05:30 [DBG] No matching hashed secret found. 2021-03-25 11:56:57.248 +05:30 [DBG] Secret validators could not validate secret 2021-03-25 11:56:57.248 +05:30 [INF] {"ClientId":"xxxxx","Category":"Authentication","Name":"Client Authentication Failure","EventType":"Failure","Id":1011,"Message":"Invalid client secret","ActivityId":","TimeStamp":"2021-03-25T06:26:57.0000000Z","ProcessId":,"LocalIpAddress,"RemoteIpAddress"","$type":"ClientAuthenticationFailureEvent"} 2021-03-25 11:56:57.248 +05:30 [ERR] Client secret validation failed for client: xxxxx.
-
0
hi
I want to check it remotely.
https://zoom.us/j/99623357334?pwd=YXFPK3A2QWQxUDJTK1ZONXg5cXBRZz09
-
0
Solved
-
0
Thanks