< chilly king 10285> does ` oauth2 token` endpoint support C Ory Community #ory-copilot

<@U04UQ68083H> does `/oauth2/token` endpoint suppo...

wooden-manchester-52124

12/11/2024, 2:07 PM

@chilly-king-10285 does

/oauth2/token

endpoint support Content-Type: application/json?

brief-egg-61061

12/11/2024, 2:07 PM

A message from kapa.ai

brief-egg-61061

12/11/2024, 2:08 PM

Based on the knowledge sources provided, the

/oauth2/token

endpoint does not support the Content-Type

application/json

. The OAuth 2.0 Token Endpoint specifically requires the use of

application/x-www-form-urlencoded

as the Content-Type. This is evident from the following information: 1. In the [OAuth 2.0 Client Credentials Flow documentation](https://www.ory.sh/docs/oauth2-oidc/client-credentials), the example for Basic Authentication shows:

Copy code

javascript const requestOptions = {   method: "POST",   headers: {     Authorization: "Basic " + basicAuth,     "Content-Type": "application/x-www-form-urlencoded",   },   body: "grant_type=client_credentials&scope=read", }

2. Similarly, for Body Authentication, the Content-Type is also set to `application/x-www-form-urlencoded`:

Copy code

javascript const requestOptions = {   method: "POST",   headers: { "Content-Type": "application/x-www-form-urlencoded" },   body: qs.toString(), }

3. The [Hydra API Reference](https://www.ory.sh/docs/hydra/reference/api) for the

oauth2TokenExchange

endpoint also specifies that the request body should be in

application/x-www-form-urlencoded

format. Therefore, when making requests to the

/oauth2/token

endpoint, you should use

Content-Type: application/x-www-form-urlencoded

and not

application/json

Open in Slack

Previous Next