My Oracle Support Banner

OAM OAuth 3 -legged Flow Integration Issue Because Of Request Parameters (Query Param/Header Param) (Doc ID 2477987.1)

Last updated on AUGUST 27, 2019

Applies to:

Oracle Mobile and Social - Version and later
Information in this document applies to any platform.


Query Description


Customer are facing an issue while integrating a client using OAuth 3-legged flow. Issue is occuring while generating access_token. Please find the issue details below:

1. Client is able to generate the authorization code.
2. Client passes authz_code in the next request to obtain access_token. Client is passing the required paramters in request body as query paramters (client_id,client_secret,redirect_uri,grant_type & authz_code).
3. OAM expect client_id:clientSecret as Authorization header parameter along with a header indicating the media type.

Issue is occurring because client is unable to send the requested header paramters (Authrization code and Content-Type) and OAM is unable to process the request if the same parameters sent in the request body as query parameter.

Is there anyway if OAM can accept the parameters specified in request body as query paramters in plain text ?

OAM Version: OAM 11gR2 PS3


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.