What's going on in Spring Boot OAuth2 `AbstractTokenGranter.validateGrantType()` method?

techknowcrat :

I'm securing Spring Cloud/Spring Boot microservices with OAuth2 and all seems nicely wired up in the Authorization Server. But when I send a POST request via Postman to /oauth/token to obtain an access token with grant_type = client_credentials, I get the following response:

{
    "error": "invalid_client",
    "error_description": "Unauthorized grant type: client_credentials"
}

However, in the oauth_client_details database table where OAuth Clients are registered, I have the following setup for the current Client making this request:

authorized_grant_types = `password, authorization_code, client_credentials, refresh_token`

So I took the liberty to debug Spring Boot's entire OAuth flow and found something very funny happening in the AbstractTokenGranter.validateGrantType(String grantType, ClientDetails clientDetails) method. See the illustration below:


So I'd like to understand what may likely be going on here, cos it's practically unfathomable to me.

Vijay Nandwana :

Looks like you're using an RDBMS. When you insert a client record in the oauth_client_details table, make sure there are no spaces in the value for the authorized_grant_types column.

Value should be like this (no space after comma):

'password,client_credentials,refresh_token'
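
The following is an added example, not part of either post and not Spring's own code, showing why a space after each comma makes the grant type check fail. It assumes the column value is split on commas without trimming, which is what the answer's advice implies; the class and method names are hypothetical.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.stream.Collectors;

// Added illustration; names are hypothetical, not Spring Security OAuth classes.
public class GrantTypeWhitespaceDemo {

    // Assumption: the stored value is split on ',' with no trimming,
    // so a space after a comma becomes part of the grant type name.
    static Set<String> splitNoTrim(String column) {
        return new LinkedHashSet<>(Arrays.asList(column.split(",")));
    }

    // Normalised form: trim each entry, drop empties, rejoin without spaces.
    static String normalize(String column) {
        return Arrays.stream(column.split(","))
                .map(String::trim)
                .filter(s -> !s.isEmpty())
                .collect(Collectors.joining(","));
    }

    // Exact-match membership test of the kind the error message implies (assumption).
    static boolean isAuthorized(Set<String> authorizedGrantTypes, String grantType) {
        return authorizedGrantTypes.isEmpty() || authorizedGrantTypes.contains(grantType);
    }

    public static void main(String[] args) {
        // Value from the question's oauth_client_details row.
        String stored = "password, authorization_code, client_credentials, refresh_token";

        Set<String> asStored = splitNoTrim(stored);
        // Brackets make the leading spaces visible.
        asStored.forEach(g -> System.out.println("[" + g + "]"));
        System.out.println("client_credentials authorized? "
                + isAuthorized(asStored, "client_credentials"));
        System.out.println("password authorized?           "
                + isAuthorized(asStored, "password"));

        // Value to write back to the authorized_grant_types column.
        String fixed = normalize(stored);
        System.out.println("value to store: " + fixed);
        System.out.println("client_credentials authorized? "
                + isAuthorized(splitNoTrim(fixed), "client_credentials"));
    }
}
```

As stored, only the first entry, `password`, matches exactly; every later entry carries a leading space, so the row looks correct in the database while the request is still rejected.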
