I am requesting a token, but for this client, it does not work as I am getting bellow error:
The client exists as all other applications are working. The only issues is when I am accessing token like bellow:
curl --location --request POST 'https://domain/auth/realms/myRealm/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=openid profile' \
--data-urlencode 'username=test' \
--data-urlencode 'password=test1' \
I get back:
“error_description”: “INTERNAL_ERROR: null”
Do you have “Direct Access Grants Enabled” on in your
Yes, I also try to disable it and enable it again.
You are editing client
portal, but your request uses
portal1 client. Check also Keycloak logs - returned error description may not be usefull, but logs very likely contain more technical details, e.g. backtrace of that internal error/exception.
this is ok, it was my typo here on the forum when I pasted here test request.
2022-04-09 11:54:15,643 ERROR [org.keycloak.services] (default task-5) KC-SERVICES0017: Unknown result status
2022-04-09 11:54:15,646 WARN [org.keycloak.events] (default task-5) type=LOGIN_ERROR, realmId=portal, clientId=portal, userId=null, ipAddress=xxx.xxx.xxx.xxx, error=invalid_client_credentials, grant_type=password
Why it is saying: “invalid_client_credentials” if I can log in with this username?
Generally, it should works. But you have some setup, which is causing a trouble.
invalid_client_credentials indicates a problem with your client credentials (not with user credentials). I bet you have some custom/customized flow defined, which is causing a problem.
Start new Keycloak from the scratch and create new client only - your
curl test case should be working without any problem. That will prove that your setup (but not a client setup, it can be flow, realm, … setup) is causing a problem.
@jangaraj, yes, this works. Other clients are ok. I know that some setting is causing this. I want to figure out why. Otherwise, I would need to create a whole client again (it has a lot of ROLS).