Search code examples
c#authenticationoauth-2.0identityserver4openid

Identity Server 4 - Unable to authenticate user


I have the following client:

 new Client
 {
    RequirePkce = false,
    AllowAccessTokensViaBrowser = true,
    ClientId = "client_id_mobile",
    ClientSecrets =
    {
      new Secret("client_secret_mobile".Sha256())
    },
    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
    AllowedScopes =
    {
      IdentityServerConstants.StandardScopes.OpenId,                    
    },
    RedirectUris = new []
    {
      "https://www.getpostman.com/oauth2/callback"
    },
  }

I'm trying to authenticate a user by doing the following within postman:

enter image description here

But as you can see I get unsupported_grant_type, I've tried changing the grant type to code I then get unauthorized_client

Can anyone point out what I'm doing wrong here?


Solution

  • For new development, you should only consider using the authorization code flow or the client credentials flow. All other flows is deprecated as of OAuth2.1.

    If you want to login using a username/password and there is no user involved, then use the client credentials flow instead.

    I wrote down a post about the flows in this articles OpenID Connect for Developers.