Axios ESI SSO Bad Request

Hello, I am trying to add EvE SSO to an Angular web application that I am developing and am having troubles figuring out how to get it working.

Front end is as follows

<a href="">Login with Eve</a>

Upon clicking that anchor tag I am redirected to EvE login. I successfully login and am sent a GET request as outlined in the current lackluster SSO documentation. I intercept this in a local express webserver with the following method:

const express = require('express');
const axios = require('axios');
const querystring = require('querystring');
const app = express();
const port = 3000;

app.get('/sso', async (req, res) => {
    var parsedString = querystring.parse(req.url.split("?")[1]);
    var cid = '320a1d397b934d06b4210628680b64ff';
    var sk = 'ZaA2JsIPbwpSaXzgmMTAtgWLgP5qqU0reMLDPpeI';
    var b64 = Buffer.from(`${cid}:${sk}`).toString('base64');
    var url = '';

    console.log(parsedString.code);, querystring.stringify({'grant_type':'authorization_code', 'code':`${parsedString.code}`}), {
      headers: {
        Authorization: `Basic ${b64}`,
        'Content-Type': 'application/x-www-form-urlencoded',
        Host: '',
        Accept: 'application/json',
      }}).then((response) => {
      }).catch((error) => {

app.listen(port, () => {
  console.log(`EvE-Industry Server Started On : ${port}`)

Upon attempting to create the request I am receiving a 400 HTTP response with error code as follows:

    "error": "invalid_grant",
    "error_description": "Grant type  is not supported."

I am unsure of how to proceed. I have revealed the client id and secret key in this example as it is only a test application. I have attempted to send the required information in postman but get the same response.
I have also verified that the base64 encoding of client:secret is working properly with the test case they provided in the documentation.

Any help would be greatly appreciated.

Figured it out, I was sending the first request from the front end ( initial authorization ) to the incorrect endpoint. After cleanup i am receiving status 200 with expected data.

<a href="">Login with Eve</a>

Above is the correct endpoint for anyone that has pulled out as much hair as I have. All information will be included in this post will be deleted ( application on eve dev portal along with secret keys and states ).

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.