
error:invalid_scope - IdentityServer Flow.ClientCredential


I have a Client in my IdentityServer3:

new Client
{
    ClientName = "Client Credentials Flow Client",
    Enabled = true,
    ClientId = "clientcredentials.reference",
    Flow = Flows.ClientCredentials,

    ClientSecrets = new List<Secret>
    {
        new Secret("secret".Sha256()),
    },

    AllowedScopes = new List<string>()
    {
        "read",
        "write"
    }
}

I hosted the Token Service in my local IIS and I tried to ping the Token using Postman, but it gave an error: {"error":"invalid_scope"}

Host URL: 
    https://localhost:5775/core/connect/token
Header: 
    Content-Type:application/x-www-form-urlencoded
Body:
    grant_type=client_credentials
    &client_id=clientcredentials.reference
    &client_secret=secret


Note: I'm using the pure IdentityServer3 package, not Thinktecture.


Solution

  • Check the scopes "read" and "write" in the Scopes declaration:

    new Scope
    {
        Name = "read",
        DisplayName = "Read data",
        Type = ScopeType.Resource,
        Emphasize = false,
    
        ScopeSecrets = new List<Secret>
        {
            new Secret("secret".Sha256())
        }
    },
    new Scope
    {
        Name = "write",
        DisplayName = "Write data",
        Type = ScopeType.Resource,
        Emphasize = true,
    
        ScopeSecrets = new List<Secret>
        {
            new Secret("secret".Sha256())
        }
    }
    

    I think it's missed... Check it once...
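
A startup-time check along the lines of this answer, added here as an example (not code from the question, the answer or IdentityServer3 itself): it lists every AllowedScopes entry that has no matching enabled Scope declaration. The ScopeConfigCheck class and FindUndeclaredScopes helper are hypothetical names, the sample data is constructed, and the IdentityServer3 package is assumed to be referenced.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using IdentityServer3.Core.Models;

public static class ScopeConfigCheck
{
    // Hypothetical helper: returns "clientId -> scope" for each AllowedScopes
    // entry that has no enabled Scope declaration with the same Name.
    public static List<string> FindUndeclaredScopes(
        IEnumerable<Client> clients, IEnumerable<Scope> scopes)
    {
        // OAuth scope strings are case-sensitive, so compare ordinally.
        var declared = new HashSet<string>(
            scopes.Where(s => s.Enabled).Select(s => s.Name),
            StringComparer.Ordinal);

        return clients
            .SelectMany(c => c.AllowedScopes
                .Where(name => !declared.Contains(name))
                .Select(name => c.ClientId + " -> " + name))
            .ToList();
    }

    public static void Main()
    {
        // Constructed sample: the client from the question, with only the
        // "read" scope declared, so "write" is reported as undeclared.
        var clients = new List<Client>
        {
            new Client
            {
                ClientId = "clientcredentials.reference",
                Flow = Flows.ClientCredentials,
                AllowedScopes = new List<string> { "read", "write" }
            }
        };
        var scopes = new List<Scope>
        {
            new Scope { Name = "read", Type = ScopeType.Resource }
        };

        foreach (var problem in FindUndeclaredScopes(clients, scopes))
            Console.WriteLine("undeclared scope: " + problem);
    }
}
```

Run it against the same client and scope lists that are handed to the IdentityServer3 in-memory stores, so a mismatch shows up before a token request returns invalid_scope.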