Hi Joe,
We were able to implement the flow partially, which goes like below:
The client request consists of:
grant_type (urn:ietf:params:oauth:grant-type:jwt-bearer), assertion and scope, where the assertion holds the below parameters:
[Algorithm,
claim: iss,aud,exp,iat]
{only the above-mentioned properties will be provided in the request by the client}
After getting this request we're decoding it and making a request for token generation to /auth/oauth/v2/token with the below parameters:
Header: Authorization: Basic base64(client_id:client_secret)
Body:
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz.......&scope=scope
We've tried giving client_id and secret within the body as well, but we're getting the below error:
{ "error":"login_required", "error_description":"The resource owner could not be authenticated due to missing or invalid credentials" }
Could you please tell us what might be missed here?
Thanks!
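
Added example, not part of the original post or the product's own code: a pre-flight check of a jwt-bearer assertion against the claims RFC 7523 section 3 requires (iss, sub, aud, exp), run on a constructed token that carries only the claims listed in the post. The function names, the audience URL and the sample values are assumptions, and the signature is not verified.

```python
import base64
import json

# Claims RFC 7523 section 3 says a JWT used as an authorization grant MUST contain.
REQUIRED_CLAIMS = ("iss", "sub", "aud", "exp")


def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a JSON value."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def check_assertion(assertion, token_endpoint_aud, now):
    """Return problems found in header and claims; the signature is NOT verified."""
    parts = assertion.split(".")
    if len(parts) != 3:
        return ["not a compact JWS: expected 3 dot-separated segments"]
    try:
        header, claims = _b64url_json(parts[0]), _b64url_json(parts[1])
    except (ValueError, TypeError):
        return ["header or payload is not base64url-encoded JSON"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["header and payload must both be JSON objects"]
    problems = []
    if str(header.get("alg", "none")).lower() == "none":
        problems.append("alg is missing or 'none'")
    for name in REQUIRED_CLAIMS:
        if name not in claims:
            problems.append(f"missing required claim: {name}")
    aud = claims.get("aud", [])
    if "aud" in claims and token_endpoint_aud not in ([aud] if isinstance(aud, str) else aud):
        problems.append("aud does not name this authorization server")
    exp = claims.get("exp")
    if "exp" in claims and not (isinstance(exp, (int, float)) and exp > now):
        problems.append("exp is not a future timestamp")
    return problems


def build_unsigned(header, claims):
    """Build a constructed sample token with a dummy signature segment."""
    segs = [base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode() for o in (header, claims)]
    return ".".join(segs + ["c2ln"])


# Constructed sample: only the claims the post lists (iss, aud, exp, iat); all values are made up.
AUD = "https://as.example/auth/oauth/v2/token"
SAMPLE = build_unsigned({"typ": "JWT", "alg": "RS256"},
                        {"iss": "client-app", "aud": AUD, "exp": 2000, "iat": 1000})
```

Calling check_assertion(SAMPLE, AUD, 1500) returns one problem, the missing sub claim.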