Token gives "Errors.Token.Invalid (AUTH-7fs1e)" when access "auth/v1/policies/login"
when get access_token from "/oauth/v2/token" endpoint then use it in "auth/v1/policies/login" it gives "Errors.Token.Invalid (AUTH-7fs1e)"
steps:
Auth Request URL: http://localhost:8080/oauth/v2/authorize?client_id=335061218119188483&redirect_uri=http://localhost:3000/callback&response_type=code&scope=openid%20email%20profile&code_challenge=H3UkWm5JEHFIqX-s_7VTcNFr2ZgNqf17r3z4ZrqdOUE&code_challenge_method=S256
then send this request with (auth_request_id):
curl -s --request POST \
--url "${ZITADEL_DOMAIN}/v2/oidc/auth_requests/${AUTH_REQUEST_ID}" \
--header 'Accept: application/json' \
--header "Authorization: Bearer ${SERVICE_ACCOUNT_TOKEN}" \
--header 'Content-Type: application/json' \
--data "{
"session": {
"sessionId": "${SESSION_ID}",
"sessionToken": "${SESSION_TOKEN}"
}
then send this request with (code) to get the token
curl -s --request POST \
--url ${ZITADEL_DOMAIN}/oauth/v2/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "grant_type=authorization_code" \
--data-urlencode "client_id=${CLIENT_ID}" \
--data-urlencode "code=${AUTH_CODE}" \
--data-urlencode "redirect_uri=${REDIRECT_URI}" \
--data-urlencode "code_verifier=${CODE_VERIFIER}"
then use the token in this policies/login (to get the configured idps)
curl --location --request GET 'localhost:8080/auth/v1/policies/login' \
--header 'Authorization: Bearer gqn3JPU7d1SpIuOHDnAMD7DxboZ_8XRDFmNulmDvospJL6KtBMKzNNbFpCPQqaoVr_xZS0ha2ApmMP3uuJP_btS_Xn2C6-YvpXfpb2QM' \
it returns:
{
"code": 16,
"message": "Errors.Token.Invalid (AUTH-7fs1e)",
"details": [
{
"@type": "type.googleapis.com/zitadel.v1.ErrorDetail",
"id": "AUTH-7fs1e",
"message": "Errors.Token.Invalid"
}
]
}
steps:
Auth Request URL: http://localhost:8080/oauth/v2/authorize?client_id=335061218119188483&redirect_uri=http://localhost:3000/callback&response_type=code&scope=openid%20email%20profile&code_challenge=H3UkWm5JEHFIqX-s_7VTcNFr2ZgNqf17r3z4ZrqdOUE&code_challenge_method=S256
then send this request with (auth_request_id):
curl -s --request POST \
--url "${ZITADEL_DOMAIN}/v2/oidc/auth_requests/${AUTH_REQUEST_ID}" \
--header 'Accept: application/json' \
--header "Authorization: Bearer ${SERVICE_ACCOUNT_TOKEN}" \
--header 'Content-Type: application/json' \
--data "{
"session": {
"sessionId": "${SESSION_ID}",
"sessionToken": "${SESSION_TOKEN}"
}
then send this request with (code) to get the token
curl -s --request POST \
--url ${ZITADEL_DOMAIN}/oauth/v2/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "grant_type=authorization_code" \
--data-urlencode "client_id=${CLIENT_ID}" \
--data-urlencode "code=${AUTH_CODE}" \
--data-urlencode "redirect_uri=${REDIRECT_URI}" \
--data-urlencode "code_verifier=${CODE_VERIFIER}"
then use the token in this policies/login (to get the configured idps)
curl --location --request GET 'localhost:8080/auth/v1/policies/login' \
--header 'Authorization: Bearer gqn3JPU7d1SpIuOHDnAMD7DxboZ_8XRDFmNulmDvospJL6KtBMKzNNbFpCPQqaoVr_xZS0ha2ApmMP3uuJP_btS_Xn2C6-YvpXfpb2QM' \
it returns:
{
"code": 16,
"message": "Errors.Token.Invalid (AUTH-7fs1e)",
"details": [
{
"@type": "type.googleapis.com/zitadel.v1.ErrorDetail",
"id": "AUTH-7fs1e",
"message": "Errors.Token.Invalid"
}
]
}
