- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Hello Igor, thank you for reaching out! It seems like you’re getting a 400 Bad Request when trying to exchange Client Credentials for an Access Token using Amazon Cognito. From the documention, you have this part:
grant_type=client_credentials& scope=cdrs/producer.all
But, I have noticed you are getting the separator “/” replaced by “%2F” in your Postam raw data:
grant_type=client_credentials&scope=cdrs%2Fproducer.all
In fact, the “/” is a separator in your case and since every byte as to be correct for socket communication (as you mentionned), the issue is getting the correct syntax i.e., the “/” as a separator. With URL encoding, the “%2F” becomes an ordinary character that simply represents "/" character in element of your url, not a separator. To solve this, you would need to use a parameter for your scope value (i.e., scope = x and x = "cdrs/producer.all"), and then explicitly tell the browser not to decode it.
Another thing to review is your app configuration when exchanging your authorization code for token. You are missing the client_id and the code as well as the redirect_uri. Here a sample from the documention that will help you solve that:
POST https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/token& Content-Type='application/x-www-form-urlencoded'& Authorization=Basic ZGpjOTh1M2ppZWRtaTI4M2V1OTI4OmFiY2RlZjAxMjM0NTY3ODkw
grant_type=authorization_code&
client_id=1example23456789&
code=AUTHORIZATION_CODE&
redirect_uri=com.myclientapp://myclient/redirect
You can find more details here: https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
Here is another relevant documentation: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html
Please feel free to reach out if you need any help or further assistance !
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
- Come posso risolvere gli errori 400 con accesso negato per il testo criptato di AWS KMS in AWS Glue?AWS UFFICIALEAggiornata un anno fa
Tried with postman, no problem there and it works, but in the code I am using socket communication, thus every byte has to be correct, tried also this way as postman displays the form data in raw form like this:
grant_type=client_credentials&scope=cdrs%2Fproducer.all
In postman it shows this part as the body, but putting these into body tags didnt help either.