I am trying to fetch tokens after completing an authentication flow (username and password based) using OpenAM central login. In my callback URL, I receive the auth code and state, with which I should in turn call the getTokens function available in the ForgeRock JavaScript SDK.
I am referring to the code given here. The expected response is a JWT, but the resulting response is Error: invalid_client: Client authentication failed.
In my ForgeRock config options, I can see that I can enter my OAuth2 Client ID, but I can't see any field which accepts a client secret, due to which authentication is failing.
Is there a way to set up a client secret? Or is there another workaround which doesn't require a client secret, where just the auth code and state would suffice to fetch the JWT?
The given error Error: invalid_client: Client authentication failed also comes when the auth code issued by the provider (OpenAM in this case) has expired.
By default, the expiration of the code is zero. I had to manually increase the timeout and it worked.