keycloak - CODE_TO_TOKEN_ERROR after user is authenticated

mindparse · Aug 24, 2017 · Viewed 14.6k times

I am working with the nodeJS keycloak adapter and so far have my client application redirecting to the keycloak login.

When attempting to log in, I get an error in the keycloak logs as follows:

12:07:12,341 WARN [org.keycloak.events] (default task-30) type=CODE_TO_TOKEN_ERROR, realmId=myrealm, clientId=client-test, userId=xxx, ipAddress=xxx.xxx.xxx.xx, error=invalid_code, grant_type=authorization_code, code_id=xxx, client_auth_method=client-secret

The error message sent back to my express application reads as 'Could not obtain grant code'.

Can someone shed some light on what this means exactly? I can only think I have configured something incorrectly in my realm\client\user settings.

Thanks

Answer

Adrian Madaras · Jan 18, 2018

I've found the solution. It seems that if you follow this guide: https://www.ibm.com/developerworks/library/se-oauthjavapt3/index.html you will see that when you exchange the access code for the access token (/realms/{realm-name}/protocol/openid-connect/token), you need to add the same redirect_uri that you used when requesting the access code. It works for me now.

Hope it helps,

Adrian
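The fix described in the answer above, as an added example that is not part of the original post or of the Keycloak adapter's code: the redirect_uri sent with the authorization request is kept in the session and reused verbatim in the token request, and a local check confirms the two match before anything is sent. The host names, secret, session object and function names are constructed assumptions.

```javascript
// Constructed sample configuration (hypothetical host and secret).
const cfg = {
  baseUrl: 'https://keycloak.example.test',
  realm: 'myrealm',
  clientId: 'client-test',
  clientSecret: 'constructed-secret',
};

const endpoint = (c, leaf) =>
  `${c.baseUrl}/realms/${encodeURIComponent(c.realm)}/protocol/openid-connect/${leaf}`;

// Step 1: build the login redirect. The redirect_uri and state are stored in
// the session so that step 2 reuses exactly the same string.
function startLogin(c, session, redirectUri, state) {
  session.redirectUri = redirectUri;
  session.state = state;
  const url = new URL(endpoint(c, 'auth'));
  url.search = new URLSearchParams({
    response_type: 'code', client_id: c.clientId,
    redirect_uri: redirectUri, state, scope: 'openid',
  }).toString();
  return url.toString();
}

// Step 2: build the code-for-token POST. redirect_uri comes from the session,
// never recomputed from the incoming request (host or scheme may differ).
function buildTokenRequest(c, session, callbackQuery) {
  if (callbackQuery.state !== session.state) throw new Error('state mismatch');
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    code: callbackQuery.code,
    redirect_uri: session.redirectUri,
    client_id: c.clientId,
    client_secret: c.clientSecret,
  });
  return {
    url: endpoint(c, 'token'),
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: body.toString(),
  };
}

// Local pre-flight check: both requests must carry an identical redirect_uri.
function sameRedirectUri(authUrl, tokenRequest) {
  const sent = new URL(authUrl).searchParams.get('redirect_uri');
  const exchanged = new URLSearchParams(tokenRequest.body).get('redirect_uri');
  return sent !== null && sent === exchanged;
}
```

The object returned by buildTokenRequest can be passed to any HTTP client; the comparison is an exact string match, so a trailing slash or a different scheme counts as a mismatch.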