问题
I have an application which is getting Auth from Keycloak.
My Access Type is public so I do not have any client secret.
I have given access to "Direct Access Grants Enabled" as ON
Refer below:
I am getting error from postman as below:
{
"error": "invalid_grant",
"error_description": "Invalid user credentials"
}
Note : My credentials is right as I am using same to login on keycloak
I have also check the key and they seems correct as per below reference:
https://gist.github.com/rac021/623e4f4c87069acd0c38d952568f8a3d
while I have setup as per my understanding.
References:
Please let me know if I missing anything or you need any more details.
Any workaround will be appreciated !!!!
回答1:
The error message "Invalid user credentials" is reliable. That is, you either specified a wrong username or password.
Check that the user really exists in the realm you are addressing with the URL. Particularly if it is not the master realm which usually will be used to login to keycloak admin console.
回答2:
I had the same problem. Mine was due the the OTP (optional) in the direct grant Flow
回答3:
For LDAP users I am getting this issue. With some user able to login with Authorization code flow, but when I am using the same user to get access token from postman with token URL getting below response.
{ "error": "invalid_grant", "error_description": "Invalid user credentials" }
To fix the above error I removed required user actions for the user and enabled email verified option.
来源:https://stackoverflow.com/questions/48146410/unable-to-get-oauth-token-from-keycloak