这个卷发很好用

curl acme:acmesecret@localhost:9999/uaa/oauth/token -d "password=password&username=user&grant_type=password" -H "Accept: application/json"

在此 curl 中，acme 和 acmesecret 是客户端凭据，应用程序使用该凭据向在 localhost:9999 中运行的授权服务器进行身份验证>

我正在尝试使用邮递员(chrome 的休息客户端)发出相同的请求.

这是屏幕截图(我在基本身份验证选项卡中输入了凭据)

这是发出的请求的预览:(注意:添加了授权基本标头)

我收到错误为invalid_client".如何解决这个问题?

谢谢

cURL

acme:acmesecret@localhost:9999/uaa/oauth/token

acme:acmesecret 是在基本身份验证标头中发送的 HTTP 客户端凭据.您可以添加 -v 开关以查看请求中的标头.

-d "password=password&username=user&grant_type=password"

这是表单数据.

在 Postman 请求中，您已将其切换.您在表单数据中有客户端凭据，我猜您在 auth 标头中有用户凭据.

只需切换它们.对于 OAuth 2.0 密码授权请求，客户端凭据应位于 auth 标头中，而用户凭据应位于表单数据中.

This curls works fine

curl acme:acmesecret@localhost:9999/uaa/oauth/token  -d "password=password&username=user&grant_type=password" -H "Accept: application/json"

In this curl, acme and acmesecret are client credentials used by application to authenticate with authorization server running in localhost:9999

I am trying to make the same request using postman (rest client for chrome).

Here is the screen shot (I entered credentials in Basic Auth tab)

Here is the preview of the request that is sent out: (NOTE: AUthorization basic header is added)

I am getting error as "invalid_client". how to fix this?

Thanks

cURL

acme:acmesecret@localhost:9999/uaa/oauth/token

The acme:acmesecret is the HTTP client credentials sent in the basic auth header. You can add the -v switch to see the headers in the request.

-d "password=password&username=user&grant_type=password"

This is the form data.

In the Postman request, you have it switched around. You have the client credentials in the form data, and I'm guessing you have the user credentials in the auth header.

Just switch them. For an OAuth 2.0 password grant request, the client credentials should go in the auth header, while the user credentials go in the form data.