I am trying to use spring-security-oauth2.0
with Java based configuration. My configuration is done, but when i deploy application on tomcat and hit the /oauth/token
url for access token, Oauth
generate the follwoing error:
<oauth>
<error_description>Full authentication is required to access this resource</error_description>
<error>unauthorized</error>
</oauth>
My configuration is on Git hub, please click on link
The code is large, so refer to git. I am using chrome postman client for send request. follwing is my request.
POST /dummy-project-web/oauth/token HTTP/1.1
Host: localhost:8081
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id=abc%40gmail.com&client_secret=12345678
The error is just like, the URL is secure by Oauth
, but in configuration, i give the all permission for access this URL. What actual this problem is?
The client_id
and client_secret
, by default, should go in the Authorization header, not the form-urlencoded body.
client_id
and client_secret
, with a colon between them: [email protected]:12345678
.YWJjQGdtYWlsLmNvbToxMjM0NTY3OA==
Authorization: Basic YWJjQGdtYWlsLmNvbToxMjM0NTY3OA==