I can successfully call my Api via a web browser. Using IdentityModel works fine. But when I try to call the Api via Fiddler I get invalid_client. My client information comes from a database based on the MembershipReboot Client tables.
I tried passing data via the Post Body and via Authentication basic. Both fail.
When calling using Authentication Basic encoded parameters I have the following>
User-Agent: Fiddler
Host: qaquasaridentity
Content-Length: 0
Content-Type: application/x-www-form-urlencoded
Authorization: Basic dGVzdC5hcGk6c2VjcmV0
The actual encoded value in Fiddler shows:
No Proxy-Authorization Header is present.
Authorization Header is present: Basic dGVzdC5hcGk6c2VjcmV0
Decoded Username:Password= test.api:secret
When I call using the Post Body for parameters the data passed is:
client_id=test.api
&client_secret=secret
&grant_type=client_credentials
&scope=testapi
The Server log says
2017-01-20 12:06:13.968 -06:00 [Debug] Start client validation
2017-01-20 12:06:13.971 -06:00 [Debug] Start parsing Basic Authentication secret
2017-01-20 12:06:13.973 -06:00 [Debug] Start parsing for secret in post body
2017-01-20 12:06:13.973 -06:00 [Debug] No secret in post body found
2017-01-20 12:06:13.976 -06:00 [Debug] Start parsing for X.509 certificate
2017-01-20 12:06:13.976 -06:00 [Debug] client_id is not found in post body
w3wp.exe Information: 0 : 2017-01-20 12:06:13.976 -06:00 [Information] Parser found no secret
w3wp.exe Information: 0 : 2017-01-20 12:06:13.981 -06:00 [Information] No client secret found
w3wp.exe Information: 0 : 2017-01-20 12:06:13.983 -06:00 [Information] End token request
w3wp.exe Information: 0 : 2017-01-20 12:06:13.988 -06:00 [Information] Returning error: invalid_client
I have the client_id and client_secret but the error log says otherwise.
Can anyone explain what I am doing wrong? I can get my access_token via .NET on the backend but not via Fiddler.
http://openid.net/specs/openid-connect-core-1_0.html#TokenRequest https://identityserver.github.io/Documentation/docsv2/endpoints/token.html