I’m trying to use Authorization extension in such way:
var options = {
method: 'POST',
url: 'https://{MY_DOMAIN}/oauth/token',
headers: { 'content-type': 'application/json' },
body: {
client_id: {CLIENT_ID},
client_secret: {CLIENT_SECRET},
audience: {MY_MACHINE_TO_MACHINE_APP}",
grant_type: "client_credentials",
scope: 'read:roles read:current_user',
},
json: true
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
var options = {
method: 'GET',
url: 'https://{AUTHORIZATION_URL_FROM_EXPLORER}/api/roles',
headers: {
authorization: `Bearer ${body.access_token}`
}
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
});
First request returns correct access token. But second request always return Unauthorized 401 response with following content
{
"statusCode":401,"
"error":"Unauthorized",
"message":"Invalid token",
"attributes":{"error":"Invalid token"}
}
What can be the reason of this behaviour?