如何在邮递员中传递客户凭证? [英] how to pass client credentials in postman?

问题描述

这个卷发效果很好

curl acme:acmesecret@localhost:9999/uaa/oauth/token  -d "password=password&username=user&grant_type=password" -H "Accept: application/json"

在这种情况下， acme 和 acmesecret 是客户端凭据，应用程序使用它们来对在 localhost:9999

In this curl, acme and acmesecret are client credentials used by application to authenticate with authorization server running in localhost:9999

我正在尝试使用邮递员(Chrome的其余客户端)发出相同的请求.

I am trying to make the same request using postman (rest client for chrome).

这是屏幕截图(我在基本身份验证"标签中输入了凭据)

Here is the screen shot (I entered credentials in Basic Auth tab)

以下是发送的请求的预览:(注意:已添加自动化基本标头)

Here is the preview of the request that is sent out: (NOTE: AUthorization basic header is added)

我收到错误信息"invalid_client".该如何解决?

I am getting error as "invalid_client". how to fix this?

谢谢

推荐答案

cURL

acme:acmesecret@localhost:9999/uaa/oauth/token

acme:acmesecret 是在基本auth标头中发送的HTTP客户端凭据.您可以添加 -v 开关以查看请求中的标头.

The acme:acmesecret is the HTTP client credentials sent in the basic auth header. You can add the -v switch to see the headers in the request.

-d "password=password&username=user&grant_type=password"

这是表单数据.

在邮递员"请求中，已将其切换.您在表单数据中有客户端凭据，而我猜您在auth标头中有用户凭据.

In the Postman request, you have it switched around. You have the client credentials in the form data, and I'm guessing you have the user credentials in the auth header.

只需切换它们.对于OAuth 2.0密码授予请求，客户端凭据应放在auth标头中，而用户凭据应在表单数据中.

Just switch them. For an OAuth 2.0 password grant request, the client credentials should go in the auth header, while the user credentials go in the form data.

这篇关于如何在邮递员中传递客户凭证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！