My Oracle Support Banner

Problem Requesting An Access Token In The OAuth 2.0 Module Of OAM11gR2 (Doc ID 2317121.1)

Last updated on MARCH 16, 2019

Applies to:

Oracle Mobile and Social - Version and later
Information in this document applies to any platform.


Problem requesting an access token in the OAuth 2.0 module of Oracle Access Manager 11gR2 version, Authentication Engine

Trying to set up a three-legged authorization flow.

However, there are two major problems:

The first concerns when it comes to generating the ACCESS TOKEN, for a defined scope.
The second when we try to use an Identity Store is different from the default. In our case we are using Oracle Unified Directory and authenticate against this LDAP not the corresponding AUTHORIZATION CODE is generated and not taken for granted permissions to the scopes for which we consult


Customer has an oauth web app configured (but no resource servers configured) and the web app has a redirect url configured to go to

In the browser they enter the url:


This redirects them to OAM for a login. They have OAM configured to use OUD as the ldap store and they authenticate with a user from OUD. Authentication
succeeds but they they get an http-403/401 error. The issue is the the generation of an Access token. Just the authorization token is generated, but not the authentication one.

HTTP/1.1 401 Unauthorized
Transfer-encoding: chunked
X-powered-by: Servlet/2.5 JSP/2.1
Pragma: no-cache
Cache-control: no-cache, no-store, must-revalidate
Date: Mon, 09 Nov 2015 21:00:26 GMT
Content-type: application/json
"error_description": "Invalid Client Id or Resource Server Id +
Confidential Secret",
"error": "invalid_client"




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.