本文介绍了“丢失授权类型参数”在Auth0委托端点调用中的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

根据Auth0的建议,我尝试通过以下请求从Postman调用(POST)Auth0委托终结点:

I'm trying to call (POST) the Auth0 delegation endpoint from Postman with the following request, as suggested by Auth0:

Content-Type: 'application/json'

{
  "client_id":   "{CLIENT_ID}",
  "grant_type":  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "id_token":    "{YOUR_ID_TOKEN}",
  "target":      "lwTL1rYVfC0KsBUFPeKWY3HvGjbIgdDM",
  "api_type":    "salesforce_api",
  "scope":       "openid"
}

我遇到此错误,即使上述请求中包含了Grant_type参数

I'm getting this error, even though the grant_type parameter is included in the above request:

{
    "error": "invalid_request",
    "error_description": "Missing grant_type parameter"
}

我在这里做什么错了?

推荐答案

来自Auth0的新文档:

From Auth0's new OIDC Conformant Authentication docs:

鉴于,并且文档:

Also, from Auth0's Using AWS with Tokens docs:

自2017年6月8日起,新的Auth0客户无法向其客户添加任何旧授权类型,这些类型必须与。旧版赠款类型仅适用于以前的客户,当他们迁移到新流程时,可以避免更改。要找到适合您情况的替代方案,请参考。

As of 8 June 2017, new Auth0 customers cannot add any of the legacy grant types to their clients, which are required for use with the Delegation endpoint. Legacy grant types are only available for previous customers while they migrate to new flows, to avoid breaking changes. To find the secure alternative for your case refer to Secure Alternatives to the Legacy Grant Types.

从链接:

http://auth0.com/oauth/legacy/grant-type/ro/jwt-bearer




Alternative

此功能默认为禁用。如果您希望启用此功能,请讨论您的用例并避免引入安全性的可能性漏洞。

This feature is disabled by default. If you would like this feature enabled, please contact support to discuss your use case and prevent the possibility of introducing security vulnerabilities.

还可以找到有关旧式赠款类型的更多信息。

More info on legacy grant types can also be found here.

因此,您遇到的问题是不赞成使用委托。这意味着已弃用 / delegation 端点,更重要的是 jwt-bearer 授予类型。如果您是新客户,那您就不走运了。如果您是现有客户,则需要联系支持部门以使其启用。

So, the problem you are having is that Delegation has been deprecated. That means the /delegation endpoint and more importantly the jwt-bearer grant type, have been deprecated. If you are a new customer, you are out of luck. If you are an existing customer you need to contact support to get it enabled.

关于Postman为什么返回神秘的缺少grant_type参数 错误,而不是更好的客户端不允许授予类型'http://auth0.com/oauth/legacy/grant-type/delegation/id_token。 其他基于浏览器扩展的REST客户端出现的错误,您的猜测与我的一样。

As to why Postman returns the cryptic "Missing grant_type parameter" error as opposed to the much better "Grant type 'http://auth0.com/oauth/legacy/grant-type/delegation/id_token not allowed for the client." error you get with other browser extension based REST Clients, your guess is as good as mine.

这篇关于“丢失授权类型参数”在Auth0委托端点调用中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-06 01:13