Kari Ruissalo Posted March 14 Share Posted March 14 Does anyone happen to have a sample of a HTTP POST how to get a Token from NetScaler OAuth IdP? With just basic authentication for starters... and some tips on how to configure the NetScaler AAA for it to work? Also, does NetScaler support grant_type=password? Should we use grant_type=client_credentials instead? I got a few steps forward by adding the Authorization header (basic), but if I'm trying HTTP POST to /oauth/idp/token with the following: Quote  Headers Content-Type = application/x-www-form-urlencoded Authorization = Basic {base64-encoded creds} Body grant_type = client_credentials client_id = something client_secret = something  I encoded the Basic auth header using UTF-8 (tried Unicode too didn't change anything). Getting a http 400 bad request response. ... I'm getting the following error in the ns.log: OAUTHIDP: Client credentials ERROR: clientid or secreit or resource is absent I'm looking in to replacing F5 Big-IP with NetScaler. With Big-IP they only needed to POST the following to get a Bearer token: Quote Headers Content-Type = application/x-www-form-urlencoded Body grant_type = password username = userPricipalName password = {password} client_id = something I'm testing this with Postman. Any tips are appreciated! Link to comment Share on other sites More sharing options...
Kari Ruissalo Posted March 14 Author Share Posted March 14 Added "resource=something" in to the request body and now I'm getting an access token. Unfortunately I would need to be able to support grant_type=password and extract user info in to the token also. 🤔 Link to comment Share on other sites More sharing options...
Morten Kallesøe Posted March 19 Share Posted March 19 can you paste your ns.conf thats relevant to your setup? Link to comment Share on other sites More sharing options...
Solution Kari Ruissalo Posted March 27 Author Solution Share Posted March 27 Got this working. NetScaler OAuth IdP requires to have the "resource" attribute in the request body. Everything else was there already. If anyone else is trying to find what grant types are supported on NetScaler OIDC, here goes: authorization_code password refresh_token client_credentials Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now