Appsmith version: Appsmith Business v1.9.9 (self-hosted)
I have setup an authenticated API datasource which uses OAuth 2.0 as the authentication type, and which I have configured to use the “Authorization Code” grant type. Just FYI, the OAuth 2.0 server we’re connecting to is Auth0 (by Okta), so it’s not a custom-built solution, and I can guarantee that Auth0 is working correctly.
I am able to save and authorize with this datasoure successflly, as shown in the attached screenshots…
(I’ve already reached the limit of images and links I can include in this post)
But when I actually try to make an API call with this datasource, I found that my API was rejecting the requests due to an authentication failure, and after some troubleshooting I realized that the access token Appsmith is sending to my API is malformed. Just for debugging purposes, I reconfigured the Appsmith datasource to include the access token in the request URL instead of the request headers, and that allowed me to view the access token which Appsmith is sending (see screenshot–I have blurred the access token itself, but you can see where it is included in the error message)…
image.png (1920×902) (discordapp.com)
Now when I take that access token and paste it into jwt(dot)io to inspect the contents of the token, jwt(dot)io tells me that it’s malformed (see screenshot)…
image.png (1233×850) (discordapp.com)
I can guarantee that there is no copy-and-paste error as I’ve tried this several times, and I also added debug code to my API to see the access token which Appsmith is sending from that side, and in my API side debug logs, as well, it’s showing the same malformed JWT.
When I switch to the “Client Credentials” grant type, and enter an appropriate set of client credentials, the access token is not malformed, and I can use the access token to successfully make calls to my API (see screenshots)…
So it’s only with the “Authorization Code” grant type that the access token is getting malformed by Appsmith. Can someone advise me on how to proceed with getting this resolved? Thanks!
(I apologize, this system only allows me to include 1 image and 2 links, so I have no way to share the other screenshots)