Token can not be get if application request flow is enabled
search cancel

Token can not be get if application request flow is enabled

book

Article ID: 248600

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

When we use hashed secret method for Application Shared Secret Security, we have faced an interesting case detailed below: 

If the “Add Application Request Workflow” is disabled, there is no problem to get a Oauth token while using hashed secret method
If the “Add Application Request Workflow” is enabled, after the admin approve, developer could not get a token in no way. 

Error log: error: invalid_request, error_description: given client_secret is wrong or a confidential client did not provide a secret, given secret: ‘123456', client_type: 'confidential'

 

Environment

Release : 5.0.2

Component : API PORTAL

Resolution

This will be resolved in portal 5.1.2 which is expected to be available in October.