Laravel Passport Client Credentials Grant

1
votes

I use Laravel Passport for my API authentication. I have already set up a Password Credentials Grant and it works. Now I need a Client Credentials Grant for machine-to-machine authentication.
I created a new client with php artisan passport:client --client. I tried to make a request to /oauth/token with this body (with Insomnia):

{
    "client_id":3,
    "secret":"wJWuVVydkHIQQ6gC7xvd0eEKytIFAD3pa149e6TR",
    "grant_type":"client_credentials"
}

That's the response i get from Passport:

{
  "error": "invalid_client",
  "error_description": "Client authentication failed",
  "message": "Client authentication failed"
}

Does anyone have any idea why it is an invalid client?
This is the entry in the oauth_clients table for my client, exported as json:

{
    "id":"3",
    "user_id":null,
    "name":"ClientCredentials Grant Client",
    "secret":"wJWuVVydkHIQQ6gC7xvd0eEKytIFAD3pa149e6TR",
    "redirect":"",
    "personal_access_client":"0",
    "password_client":"0",
    "revoked":"0",
    "created_at":"2019-04-30 17:06:17",
    "updated_at":"2019-04-30 17:06:17"
}
1
laravellaravel-5oauth-2.0laravel-passportlaravel-5.8
Thank you. Now I feel a bit stupid...no0by5
No worries, easy mistake to make. I posted as an answer so you can mark accepted.jszobody

1 Answers

5
votes

In your request, the secret param should be client_secret instead.

From the docs: https://laravel.com/docs/master/passport#client-credentials-grant-tokens

enter image description here