Category: On Prem
Updated

2023-08-03

This solution is summarized from an archived support forum post. This information may have changed. If you notice an error, please let us know in Discord.

Access token is malformed with OAuth 2.0 “Authorization Code” grant type on authenticated API

Issue

I have configured my Auth0 API datasource with OAuth 2.0 and the "Authorization Code" grant type in Appsmith. Although I can successfully authorize the datasource, when I make an API call, the access token sent by Appsmith is malformed, causing the API to reject the requests due to authentication failure. When I switch to the "Client Credentials" grant type, the access token is not malformed. I need assistance in resolving this issue with the "Authorization Code" grant type.

Resolution

The issue is with the Appsmith OAuth 2.0 datasource using the "Authorization Code" grant type resulting in a malformed access token. When the access token is inspected on jwt.io, it is evident that the token is malformed. The solution to the problem is to switch to the "Client Credentials" grant type and provide the appropriate client credentials. Doing so generates a correct access token that can be used to make successful calls to the API. It is important to note that the OAuth 2.0 server being used is Auth0 by Okta, which is not a custom-built solution, so Auth0 is working correctly.