Requesting a token: INTERNAL_ERROR: null


I am requesting a token, but for this client, it does not work as I am getting bellow error:
The client exists as all other applications are working. The only issues is when I am accessing token like bellow:

curl --location --request POST 'https://domain/auth/realms/myRealm/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=openid profile' \
--data-urlencode 'username=test' \
--data-urlencode 'password=test1' \
--data-urlencode 'client_id=portal1'

I get back:

“error”: “unauthorized_client”,
“error_description”: “INTERNAL_ERROR: null”

Do you have “Direct Access Grants Enabled” on in your portal1 client?

Yes, I also try to disable it and enable it again.

You are editing client portal, but your request uses portal1 client. Check also Keycloak logs - returned error description may not be usefull, but logs very likely contain more technical details, e.g. backtrace of that internal error/exception.

1 Like

Hello @jangaraj

this is ok, it was my typo here on the forum when I pasted here test request.

2022-04-09 11:54:15,643 ERROR [] (default task-5) KC-SERVICES0017: Unknown result status
2022-04-09 11:54:15,646 WARN [] (default task-5) type=LOGIN_ERROR, realmId=portal, clientId=portal, userId=null,, error=invalid_client_credentials, grant_type=password

Why it is saying: “invalid_client_credentials” if I can log in with this username?

Thank you.

Generally, it should works. But you have some setup, which is causing a trouble.

invalid_client_credentials indicates a problem with your client credentials (not with user credentials). I bet you have some custom/customized flow defined, which is causing a problem.

Start new Keycloak from the scratch and create new client only - your curl test case should be working without any problem. That will prove that your setup (but not a client setup, it can be flow, realm, … setup) is causing a problem.

@jangaraj, yes, this works. Other clients are ok. I know that some setting is causing this. I want to figure out why. Otherwise, I would need to create a whole client again (it has a lot of ROLS).