Is the client_id not passed when requesting a token with a custom provider? #5403

rdmchr · 2022-09-22T20:30:43Z

rdmchr
Sep 22, 2022

I think the client id is not passed to the API when requesting a token with a custom provider. This is my configuration:

    {
      id: "garden",
      name: "Garden",
      type: "oauth",
      authorization: "http://localhost:3000/authorize",
      token: "http://localhost:3000/api/oauth/token",
      userinfo: "http://localhost:3000/api/users/me",
      clientId: "cl8ddkyzr02693wujy694e2xk",
      clientSecret: "MY_CLIENT_SUPER_SECRET",
      checks: ["pkce"],
      profile(profile) {
        return {
          id: profile.id,
          name: profile.name,
          email: profile.email,
          image: profile.avatar_url,
        };
      },
    },

And this is the body I get on my backend at the /token endpoint:

{
   "grant_type":"authorization_code",
   "code":"0f504f92f2256f6cd36f0f3b8b87a91c8b2d3ab591ee112db4e383c99c356ed8",
   "redirect_uri":"http://localhost:3001/api/auth/callback/garden",
   "code_verifier":"m9bUQlLEOoRPEc5ysstbOn6kMf8As9om7khZGIeLoWA"
}

This is what I expected, but it seems like the field client_id is missing, no?
I looked at the Discord OAuth documentation, which is officially supported with no changes to the token request, and they state that client_id is required.
This matches my understanding of the OAuth standard, or am I mistaken here?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Is the client_id not passed when requesting a token with a custom provider? #5403

Uh oh!

{{title}}

Uh oh!

Replies: 0 comments

Select a reply

Uh oh!

Uh oh!

Is the client_id not passed when requesting a token with a custom provider? #5403

Uh oh!

rdmchr Sep 22, 2022

Replies: 0 comments

rdmchr
Sep 22, 2022