I've been trying to create an access_token
for my api. I've followed the setup and am using Postman to test/create a token. I can't seem to get past an invalid_grant
error.
I've tried what seems like every combination I've been able to find without any luck. Here is my setup:
Sending a POST
request to: http://mywebsite.local/oauth/token
In the body, I am setting form-data
to this (name/value):
grant_type password
client_id 1
client_secret <super_long_string>
username [email protected]
password secret
I've used tinker to create a dummy user:
factory('App\User')->create()
I use the newly created user for my username/password above.
Regardless of what I'm doing (short of not passing anything) this is the error I'm always seeing:
{
"error": "invalid_grant",
"error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.",
"hint": "",
"message": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
}
I've read many times this means the grant_type
I'm trying to get doesn't match up to the client. I'm using php artisan passport:client --password
to create the client, so I don't understand why it's invalid. I only have one client, so I know I'm using the correct id
. This issue seems like the same thing, I am seeing but has since been closed.
For my headers I'm only setting Content-Type application/json
, and I have nothing set for Authorization headers.
I'm not sure what else to try. Thank you for any suggestions!