How to use session to issue access_token?
I found this message but it seems to be outdated? How to use the session token to obtain user info? (custom login ui)
I'm doing 3rd step "Do a HTTP HEAD request to /oauth/v2/authorize with x-zitadel-login-client header. The value for the header must be the ID from the service account (#1)" and it fails with 400:
msg="request error" oidc_error.parent="auth request is missing client_id" oidc_error.description="auth request is missing client_id" oidc_error.type=invalid_request status_code=400
please, where am I wrong? or what should I do to secure my API endpoints? thank you!
I'm doing 3rd step "Do a HTTP HEAD request to /oauth/v2/authorize with x-zitadel-login-client header. The value for the header must be the ID from the service account (#1)" and it fails with 400:
msg="request error" oidc_error.parent="auth request is missing client_id" oidc_error.description="auth request is missing client_id" oidc_error.type=invalid_request status_code=400
curl -i -X HEAD \
-H "x-zitadel-login-client:289722227824263197" \
'http://localhost:8080/oauth/v2/authorize'curl -i -X HEAD \
-H "x-zitadel-login-client:289722227824263197" \
'http://localhost:8080/oauth/v2/authorize'please, where am I wrong? or what should I do to secure my API endpoints? thank you!
