ESI SSO POST error Invalid Grant

When attempting to authenticate following the steps listed in Web_based_sso_flow I receive
error: “invalid grant”
error_description: “Grant type authorization_code is not supported.”

The applicable code in my JS (React) application is

const authID = encode(props.secrets.client_id+":"+props.secrets.secret_key);
    
    const bodyValues = {
        'grant_type': 'authorization_code',
        'code': code
    }
    
    const formBody = Object.keys(bodyValues).map(key => encodeURIComponent(key) + '=' + encodeURIComponent(bodyValues[key])).join('&');
    
    const requestOptions = {
        method: 'POST',
        headers: {'Authorization': 'Basic ' + authID,
            'Content-Type': 'application/x-www-form-urlencoded',
            'Host': 'login.eveonline.com'},
        body: formBody
    }
    
    console.log("Sending authorization request", requestOptions);
    fetch('https://login.eveonline.com/v2/oauth/token', requestOptions)

I am stumped as to how I am formatting this request incorrectly as the documentation clearly states that authorization_code is the correct grant type.

An example of the body edited to remove the actual code

grant_type=authorization_code&code=<code>

I am aware that i need to switch over to native_sso_flow but wanted to get a working post request first.

Edit: I receive the error description "“Grant type is not supported.” with postman

The web based flow does not work with V2.

Face the same issue. How to fix it? What does it mean V2 is not supported web? How then the users can log in from a website?

I found a way how to solve this. For some reason it’s start to work if add client_Id, and scope inside request body (const bodyValues = ). Also 'Authorization': 'Basic ' + authID, sould be removed form header because system will read credential from request body.

This did not work for me, and I’m getting the same error.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.