SwaggerUI OAuth2 clientCredentials authentication


Q&A (please complete the following information)

  • OS: Windows
  • Browser: Chrome
  • Version: [e.g. 22]
  • Method of installation: [e.g. npm, dist assets]
  • Swagger-UI version: 3.13.2
  • Swagger/OpenAPI version: Swashbuckle.AspNetCore 2.4.0

Content & configuration

Example Swagger/OpenAPI definition:

"securityDefinitions": {
  "oauth2": {
    "flow": "application",
    "tokenUrl": "https://*****/oauth/token",
    "scopes": {
      "read": "Read access"
    },
    "type": "oauth2"
  },
...
"security": [
  {
    "oauth2": [
      "read"
    ]
  },

Swagger-UI configuration options: None

Describe the bug you’re encountering

I configured Swagger to use the oauth2 clientCredentials flow and I get the following screen in Swagger UI for authentication.

image

But when I fill in the client_id and client_secret and I press Authorize I get an error.

When I look at the actual POST Swagger UI does, I see the following issues.

  • In the header I see Content-Type: application/x-www-form-urlencoded instead of application/json
  • In the header I also have Authorization: Basic ****, but I wasn’t expecting that, the client_id & client_secret should have been part of the body
  • In the body I only have grant_type: client_credentials & scope: read, and I’m missing the client_id & client_secret

I think it is a bug, but maybe I’m doing something wrong?

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 12 (4 by maintainers)
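
The request shapes discussed in the issue above, as an added example that is not part of the original issue or of Swagger UI's code: RFC 6749 defines the client_credentials token request as form-encoded (section 4.4.2), with the client credentials sent either in an HTTP Basic header or as body fields (section 2.3.1). The token URL, client id and secret are constructed placeholders, and the function names are hypothetical.

```javascript
// Encode one value as application/x-www-form-urlencoded (RFC 6749 appendix B).
function formEncode(value) {
  return new URLSearchParams({ v: value }).toString().slice(2);
}

// Form fields shared by both styles: grant type plus space-separated scopes.
function baseParams(scopes) {
  return { grant_type: 'client_credentials', scope: scopes.join(' ') };
}

// Style 1: credentials in the Authorization header (what the issue observed).
function buildBasicRequest(tokenUrl, clientId, clientSecret, scopes) {
  const pair = `${formEncode(clientId)}:${formEncode(clientSecret)}`;
  return {
    url: tokenUrl, method: 'POST',
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded',
      Authorization: 'Basic ' + Buffer.from(pair, 'utf8').toString('base64'),
    },
    body: new URLSearchParams(baseParams(scopes)).toString(),
  };
}

// Style 2: credentials as form fields in the body (what the issue expected,
// except that the body is still form-encoded, not JSON).
function buildPostRequest(tokenUrl, clientId, clientSecret, scopes) {
  const params = { ...baseParams(scopes), client_id: clientId, client_secret: clientSecret };
  return {
    url: tokenUrl, method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: new URLSearchParams(params).toString(),
  };
}

// Report where a captured token request carries the client credentials.
function credentialLocation(req) {
  const inHeader = /^Basic\s+\S+/.test(req.headers.Authorization || '');
  const form = new URLSearchParams(req.body);
  const inBody = form.has('client_id') && form.has('client_secret');
  if (inHeader && inBody) return 'both'; // RFC 6749 2.3 allows only one method per request
  if (inHeader) return 'header';
  return inBody ? 'body' : 'none';
}

const url = 'https://auth.example.test/oauth/token'; // constructed placeholder
for (const build of [buildBasicRequest, buildPostRequest]) {
  const req = build(url, 'demo-client', 's3cr3t/+ value', ['read']);
  console.log(build.name, credentialLocation(req), req.body);
}
```

Comparing the output of `credentialLocation` against what the authorization server's token endpoint accepts shows which of the two styles a given client needs to send.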

Top GitHub Comments

2 reactions
dgwaldo commented, Aug 2, 2018

I did a bit of a hacky work around. http://waldoscode.blogspot.com/2018/07/using-swashbuckle-or-swagger-ui-with.html

@shockey, I think all that would be needed is for the json object being posted to allow for an audience to be passed… If I get time I might try and work something up.

0 reactions
shockey commented, Jan 15, 2019

@crazyman1979, this is a resolved support ticket - please open a new issue if you’re having problems!
