OAuth token request needs client credentials to be sent in header in Base64 format

rohanlimaye · ‎06-28-2019

We are trying to set up OAuth 2.0 client provider in application registry with "Client Credentials" grant type for outbound REST messages.

The third party provider needs Client Id and Secret to be provided in header in Base64 format like below:

Header :

"Authorization" : "Basic <base64 encoded value in format client_id:client_secret>"

In standard configuration of OAuth is there any way to do this? I tried using OAuthUtil script include but could not figure out how to add parameter in header of token request.

Can anyone please help on this?

Aksha · ‎06-29-2019

Did you tried adding the Authorization in http request header in outbound rest message in the mentioned format?

rohanlimaye · ‎06-29-2019

Hi Aksha,

Thanks for the response. I can get the access token from the below mentioned code. But I dont know how to put this in OAuthUtil script include which can be used in application registry OAuth configuration.

var body = "grant_type=client_credentials";

var req = new GlideHTTPRequest("<token endpoint>");
req.addHeader('Authorization','Basic <Base64 encoded clientid:client secret>');
req.addHeader('Content-Type','application/x-www-form-urlencoded');

var resp = req.post(body);

Aksha · ‎07-01-2019

Please confirm my understanding with the steps you followed:

1) You are trying to access a 3rd party provider using oAuth authentication.

2) Created an outbound REST message to generate oAuth token using the base 64 encoded authorization with client id and client secret.

3) Created a registry for this provider

4) Added the token URL as the Outbound Rest API in Application registry with grant type client credentials:

Why are you trying to pass the id and secret in header again?