Recieving Invalid_grant Code Not Valid Error While Getting Access Token

Getting advice
1

I am trying to get an access token but am receiving {“error”:“invalid_grant”,“error_description”:“Code not valid”}. Here are my steps:

  1. I put into the browser the following:
    (http://localhost:8080/realms/testrealm/protocol/openid-connect/auth?client_id=testclient&redirect_uri=http://localhost:3001&response_type=code&scope=openid&state=abcd12345)

  2. I receive:
    (http://localhost:3001/?state=abcd12345&session_state=85ef9497-f021-435e-8f52-99b3d51c60b2&code=1968778b-8c73-4b47-ad97-a195f2bfed71.85ef9497-f021-435e-8f52-99b3d51c60b2.7637e258-5e11-4ba6-b9eb-e2de5341d1e3)

  3. I then go to a terminal and enter:
    curl -X POST 'http://localhost:8080/realms/testrealm/protocol/openid-connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'grant_type=authorization_code' --data-urlencode 'client_id=testclient' --data-urlencode 'code=1968778b-8c73-4b47-ad97-a195f2bfed71.85ef9497-f021-435e-8f52-99b3d51c60b2.7637e258-5e11-4ba6-b9eb-e2de5341d1e3' --data-urlencode 'redirect_uri=http://localhost:3001'

  4. I receive:
    {"error":"invalid_grant","error_description":"Code not valid"}

Would someone be able to assist me with this?

3

Do you believe my code is timing out? I am just going from my browser to my terminal.

5

I am still having the same problem. I checked the log and I get:

Code '863562b1-b048-4fbc-9244-ce90d64c5e82' already used for userSession 'a58c3962-70d0-4ee1-9747-3fca3faa83d1' and client '7637e258-5e11-4ba6-b9eb-e2de5341d1e3'.
7

Thank you. I got it to work with a script. It must have just been timing out on me.

8

Hi! I am having the same issue. How did you resolved it?
Thanks!
Cheers

9

Still is not quite resolved. It worked when we stopped using client secret. We are continuing to investigate.

10

I am facing the exact same issue. Must be somthing wrong in the way we do it compare to how it’s suppose to be done. As far as I can read the code or client secret can only be used once to get some other token that should be used in the future. But I havent quite figured this out yet.