OAuth v2 Token without the MAG/Device Identifier
search cancel

OAuth v2 Token without the MAG/Device Identifier


Article ID: 271720


Updated On:


CA API Gateway


Is it possible to generate a token using /auth/oauth/v2/token without providing the mag-identifier or device identifier if we are not requesting the token for a mobile device?  Currently if we don't pass the mag-identifier/device iedentifier in the header, we get the below error:


    "error": "invalid_request",

    "error_description": "The given mag-identifier is either invalid or points to an unknown device"




Release : 10.1/OTK 4.x


User registered the client id with scope that contains msso.  The policy /auth/oauth/v2/token calls the encapulated assertion OTK Scope verification that checks the scope and see if it contains msso, then it will need to validate mag-identifier or device identifier. 

Registered a new client id with scope does not contains msso.  It worked using the new Client id/ClientSecret with grant_type=client_credentials.