Requesting a token: INTERNAL_ERROR: null

miha · April 6, 2022, 7:48am

HI

I am requesting a token, but for this client, it does not work as I am getting bellow error:
The client exists as all other applications are working. The only issues is when I am accessing token like bellow:
https://domain/auth/realms/MyRealm/protocol/openid-connect/token

curl --location --request POST 'https://domain/auth/realms/myRealm/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=openid profile' \
--data-urlencode 'username=test' \
--data-urlencode 'password=test1' \
--data-urlencode 'client_id=portal1'

I get back:

{
“error”: “unauthorized_client”,
“error_description”: “INTERNAL_ERROR: null”
}

xgp · April 6, 2022, 2:59pm

Do you have “Direct Access Grants Enabled” on in your portal1 client?

miha · April 8, 2022, 4:23pm

Yes, I also try to disable it and enable it again.

jangaraj · April 8, 2022, 4:40pm

You are editing client portal, but your request uses portal1 client. Check also Keycloak logs - returned error description may not be usefull, but logs very likely contain more technical details, e.g. backtrace of that internal error/exception.

miha · April 9, 2022, 10:56am

Hello @jangaraj

this is ok, it was my typo here on the forum when I pasted here test request.

2022-04-09 11:54:15,643 ERROR [org.keycloak.services] (default task-5) KC-SERVICES0017: Unknown result status
2022-04-09 11:54:15,646 WARN [org.keycloak.events] (default task-5) type=LOGIN_ERROR, realmId=portal, clientId=portal, userId=null, ipAddress=xxx.xxx.xxx.xxx, error=invalid_client_credentials, grant_type=password

Why it is saying: “invalid_client_credentials” if I can log in with this username?

Thank you.

jangaraj · April 9, 2022, 11:12am

Generally, it should works. But you have some setup, which is causing a trouble.

invalid_client_credentials indicates a problem with your client credentials (not with user credentials). I bet you have some custom/customized flow defined, which is causing a problem.

Start new Keycloak from the scratch and create new client only - your curl test case should be working without any problem. That will prove that your setup (but not a client setup, it can be flow, realm, … setup) is causing a problem.

miha · April 9, 2022, 12:23pm

@jangaraj, yes, this works. Other clients are ok. I know that some setting is causing this. I want to figure out why. Otherwise, I would need to create a whole client again (it has a lot of ROLS).

Topic		Replies	Views
LOGIN_ERROR: ... clientId=null, userId=null....., error=invalid_code	15	31503	July 16, 2024
Invalid token while retrieving userinfo Getting advice	4	10436	August 30, 2020
Get the authentication Token from KeyCloak does not work Getting advice authentication	2	362	October 17, 2022
Grant type password fails if client consent is required Getting advice	2	418	February 29, 2024
Token exchange returns empty response for internal token to internal token exchange Configuring the server token-exchange	1	1362	January 16, 2023

Requesting a token: INTERNAL_ERROR: null

Related Topics