Hi,
I am trying to use OAM 11g(11.1.2.3) OAUTH feature but facing token validation issue while validating token through REST service.
Following is the service I am using to generate token, which is generating token as below.
URI : http://<host>:<port>/ms_oauth/oauth2/endpoints/oauthservice/tokens
Service type : POST
Headers :
Content-Type: application/x-www-form-urlencoded
Authorization: Basic <base64 encoded clientid:clientsecret>
grant_type : client_credentials
Response :
{
"oracle_client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"expires_in": 604800,
"token_type": "Bearer",
"oracle_tk_context": "client_assertion",
"access_token": "<generated token>"
}
the above service seems working as expected, but when I invoke the token validation service with above generated token it's not validating and giving error -
Token validation REST service details -
URI : http://<host>:<port>/ms_oauth/oauth2/endpoints/oauthservice/tokens
Form URL Encoded params :
assertion : "<generated token>"
grant_type : oracle-idm:/oauth/grant-type/resource-access-token/jwt
oracle_token_action : validate
Headers :
Content-Type: application/x-www-form-urlencoded
Authorization: Basic <base64 encoded clientid:clientsecret>
Response :
{
"error": "invalid_grant",
"error_description": "Mismatched assertions in token, including assertion: oracle.oauth.tk_context "
}
Please help to resolve this issue, is there any other parameter needs to be sent either in token generation service or token validation service?
Thank you.