I am able to successfully get a bearer token in Postman. I have recreated this this POST exactly in Azure Logic Apps. Headers, Body, everything. The only think I cannot seem to control is the order of the headers.
No matter what I do I get a 401 when I try to get a token from {name}/oauth/token. Again, only from that environment.
Is Azure being blocked in any way? Is there a set of logs that can provide more info on the nature of the 401?
In the HTTP response associated with the 401 I believe the headers would contain a request identifier that we (Auth0) could use to try to get some additional information from server side logs. If you can access the response headers from the call that fails from within Azure it would be useful to share those here.
| Header | val |
|---|---|
| Connection | keep-alive |
| ot-tracer-spanid | 2252896a06d6e32c |
| ot-tracer-traceid | 1a1160d2412134ef |
| ot-tracer-sampled | TRUE |
| ot-baggage-auth0-request-id | 6ddf40894f759f33d4758e58 |
| X-Auth0-RequestId | a661c4082b722f8509ec |
| Date | Tue, 18 Aug 2020 19:36:41 GMT |
| Set-Cookie | did=s%3Av0%3A245b6f90-e18a-11ea-b077-e16ecfce57b3.NCcUnWbNMNueDNNByGtVPMkTcdyW6%2BBvRdoWCfIkZKg; Max-Age=31557600; Path=/; Expires=Thu, 19 Aug 2021 01:36:41 GMT; HttpOnly; Secure; SameSite=None,did_compat=s%3Av0%3A245b6f90-e18a-11ea-b077-e16ecfce57b3.NCcUnWbNMNueDNNByGtVPMkTcdyW6%2BBvRdoWCfIkZKg; Max-Age=31557600; Path=/; Expires=Thu, 19 Aug 2021 01:36:42 GMT; HttpOnly; Secure |
| Server | nginx |
| X-RateLimit-Limit | 1000000 |
| X-RateLimit-Remaining | 999999 |
| X-RateLimit-Reset | 1597779402 |
| cache-control | no-store, no-transform, must-revalidate, no-cache, private, post-check=0, pre-check=0 |
| Strict-Transport-Security | max-age=31536000 |
| Content-Length | 60 |
| Content-Type | application/json |
Thanks for that, I found the logs but Iâm afraid although they provide a bit more of information due to the fact that logs wonât contain the full request body Iâm still unable to say for sure. I did notice that when comparing the Azure logs with some other logs in the same tenant with a Postman user-agent I see that the content-length on the request body differs. However, this may be due to a slightly different formatting.
Can you share a cURL command that represents the Postman command that works? You can redact sensitive information, but when redacting use an approach where you replace the sensitive value with a different one that is still equivalent in terms of length and character set.
Thanks for looking into this. Here is the working cUrl from Postman. Know that I tried lots of message formats in the Logic App.
curl --location --request POST âhttps://curbsidex.us.auth0.com/oauth/tokenâ
âheader âContent-Type: application/x-www-form-urlencodedâ
âheader âCookie: did=s%3Av0%3A61d39610-e0cf-11ea-abd8-7184b2ba7443.bTk4gwbUap4UDpkIoAFGwwpsWaaQjfQvMenCt7caq7Q; did_compat=s%3Av0%3A61d39610-e0cf-11ea-abd8-7184b2ba7443.bTk4gwbUap4UDpkIoAFGwwpsWaaQjfQvMenCt7caq7Qâ
âdata-urlencode âgrant_type=client_credentialsâ
âdata-urlencode âclient_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxâ
âdata-urlencode âclient_secret=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxâ
âdata-urlencode âaudience=www.curbsid.comâ
So with that we should have 176 characters being send in the request body and I do see at least one request with that content length from a Postman user agent resulting in success. However, the requests from the azure-logic-apps/1.0 user agent have 213 or more in terms of content length so thereâs something likely going wrong with encoding and/or how the parameters are setup.
I confess I have no experience with Azure Logic Apps; whatâs the interface you have to configure the request body? Is it the raw body or you can add individual body parameters one by one? Can you point to Azure Logic apps documentation that specify how that works?