I’m using a password grant OAuth flow, but can’t connect to a non-default Database/Connection.
-
I’ve got two applications configured on a tenant, each with their own database.
-
Both are using a password grant flow.
-
I’m testing both applications on the command line with curl, using sample code from the docs, so am confident it’s not code related:
export TENANT=foo;
export CLIENT_ID=bar;
export CLIENT_SECRET=baz;
export AUDIENCE=qux;
export USERNAME=quux;
export PASSWORD=corge;
curl --request POST \
--url https://$TENANT/oauth/token \
--header 'content-type: application/json' \
--data '{"client_id":"$CLIENT_ID", "client_secret":"$CLIENT_SECRET", "audience":"$AUDIENCE", "grant_type":"password", "username": "$USERNAME", "password": "$PASSWORD"}'
- The application that uses the default database on the tenant works fine and can successfully receive a token
- but the application that uses the non-default DB returns an error:
{
"error": "invalid_request",
"error_description": "connection is disabled (client_id: $SECOND_CLIENT_ID - connection: $DEFAULT_DATABASE_NAME)"
}
- Application #2 is configured with Database #2 enabled and Database #1 disabled.
- Both applications are configured with password grant type enabled and can’t see any difference in their configuration
- I switched Application #2 to talk to Database #1 and it works OK, so seems like it is specifically related to the connection
The issue I’m facing seems to be the same as this previous post, but that user wanted to switch DBs so could resolve their issue by changing their default connection, whereas I need to keep both active.
I’ve tried passing connection
as parameter in my request body (similar to when making a create user request), and have also tried a realm
param (both with the connection name or its ID), but neither have worked.
Any ideas on what I’m missing? Please let me know if you need more details
Edit to add:
Checking the monitoring in the Console, it gives:
Summary
- Occurred: a few seconds ago at 2022-07-14 09:18:39.192 UTC
- Type: Failed Exchange
-
Description: connection is disabled (client_id:
$CLIENT_ID_2
- connection:$DEFAULT_DATABASE_NAME
) -
Connection:
$DEFAULT_DATABASE_NAME
-
Application:
$APPLICATION_NAME_2
($CLIENT_ID_2
) -
User:
$USERNAME