CLIENT_SECRET_BASIC Setup
Authentication requirements for the token endpoint are set by the application’s tokenEndpointAuthMethod property. When the application’s tokenEndpointAuthMethod is set to CLIENT_SECRET_BASIC, the Authorization: Basic header represents a Base64-encoded representation of "username:password", in which the username is the client_id and the password is the client_secret:
-H 'Authorization: Basic <client_id:client_secret>' \Key points
-
Standard HTTP Basic Auth (RFC 7617)
-
Credentials:
Authorization: Basic base64(clientId:clientSecret) -
Widely supported across all platforms
-
Default method for most OAuth implementations
The following workflow shows the application configuration to complete a sign-on flow using the CLIENT_SECRET_BASIC client authentication method.
Run in Postman