When we use hashed secret method for Application Shared Secret Security, we have faced an interesting case detailed below:
If the “Add Application Request Workflow” is disabled, there is no problem to get a Oauth token while using hashed secret method
If the “Add Application Request Workflow” is enabled, after the admin approve, developer could not get a token in no way.
Error log: error: invalid_request, error_description: given client_secret is wrong or a confidential client did not provide a secret, given secret: ‘123456', client_type: 'confidential'
Release : 5.0.2
Component : API PORTAL
This will be resolved in portal 5.1.2 which is expected to be available in October.