link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams

oauth2 error AADSTS90014: The request body must contain the following parameter: 'grant_type'

Ask Question

From the development in Windev I use Oauth 2.0 for authorization to get access to the outlook mail from a user.

The application is registered at https://apps.dev.microsoft.com without the Implicit workflow. After the user enters the credentials, an Authorization Code is returned. With the new code the Bearer Token is requested with a HTTP Post command.

So far, so good.

Only that the response gives an error message that makes no sense to me.

In code:

m_sHTTPUrl = "client_id=" + m_sClientID + "&client_secret=" ...
    + m_sClientSecret ...
    + "&redirect_uri=" + m_sRedirectURL + "&code=" + m_sAuthToken ...
    + "&grant_type=authorization_code"
m_sHTTPres = ""
LogLocalFile("GetAccessToken - " + m_sTokenURL + " // " + m_sHTTPUrl) 
cMyRequest is httpRequest
cMyRequest..Method = httpPost
cMyRequest..URL = m_sTokenURL
cMyRequest..ContentType = "application/x-www-form-urlencoded"
cMyRequest..Header["grant_type"] = "authorization_code"
cMyRequest..Header["code"] = m_sAuthToken
cMyRequest..Header["client_id"] = m_sClientID
cMyRequest..Header["client_secret"] = m_sClientSecret
cMyRequest..Header["scope"] = m_sScope
cMyRequest..Header["redirect_uri"] = m_sRedirectURL
//cMyRequest..Content = m_sHTTPUrl
cMyResponse is httpResponse = HTTPSend(cMyRequest)
m_sHTTPres = cMyResponse.Content
In a logfile I requested the used parameters and the content of the httpResponse:
GetAccessToken - https://login.microsoftonline.com/common/oauth2/v2.0/token // grant_type=authorization_code
&code=xxxxxxx
&scope=openid+offline_access+User.Read+Email+Mail.Read+Contacts.Read
&redirect_uri=http://localhost/
&client_id=xxxxxxx
&client_secret=xxxxxxx
GetAccessToken - error = invalid_request
GetAccessToken - error_description = AADSTS90014: The request body must contain the following parameter: 'grant_type'.
The grant_type is in the header as it is supposed to be.
Does anybody have any clue of what is needed to get the OAUTH2 working ?
                According to this post the oauth-2.0 parameters must be in the content of your request. Did you already try it ? This post warns also on the encoding of the body.
– Bidjes
                Mar 28, 2018 at 11:40
                Thanx for the direction. a) It has to be in the body, not in the header. b) It has to be encoded, in plain text. Than it works.
– Adjan
                Mar 29, 2018 at 12:09
You shouldn't send grant_type neither in params nor in headers. Those should be sent in body params then only it will work.
Url: https://login.microsoftonline.com/common/oauth2/v2.0/token
client_id, scope and redirect_uri params can be sent as query params.
where as grant_type, code and client_secret should sent in body params.
grant_type:authorization_code, 
code: {code you got from the authorization step}, 
client_secret: ****
                Read this if you are using axios to create the params properly. All of the params went in this way and it worked for me.
– perustaja
                Jun 23, 2021 at 16:09
You need to pass everything in body as form-data:
curl --location --request POST 'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token' \
--form 'grant_type=authorization_code' \
--form '<the code you have got from the authorization endpoint' \
--form 'client_secret=****' \
--form 'client_id=********' \
--form 'scope=m_sScope' \
--form 'redirect_uri=http://localhost/'
                Does this also apply to the auth part? I am getting this error at the authorize endpoint, which as I understand it, comes before the token endpoint call.
– Christopher Pisz
                Dec 23, 2020 at 15:06
you should change the content type  as : application/x-www-form-urlencoded
the body must to be formated as bellow:
 client_id=8cfbe8ac-8775-4c56-9302-k9d5a42cbf98
 &client_secret=BOy7Q~pGvXF.SWshX72mmMnQeAkvN5elHWiYT
 &grant_type=client_credentials
 &resource=https://miurl.com
I finally got this right after referring to multiple answers.
POST https://login.microsoftonline.com//oauth2/token
--make sure to enter the ID directly without <,>
Use 'x-www-form-urlencoded' format for the Body.
Enter Keys & Values for the below parameters
client_id - Client_ID on your Azure App
client_secret - client_secret value and not the key. Note that this value is available only for the first time upon the client secret key creation
grant_type - client_credentials (static words, don't try to look for the value)
resource - App ID URI
reference link - https://learn.microsoft.com/en-us/previous-versions/azure/dn645543(v=azure.100)?redirectedfrom=MSDN
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.