I've been fighting this for over a week now and I'm starting to lose my mind. I have an ASP.NET authentication server running on .NET 4.7.2 and Identity Server 3:
My client is utilizing Identity Model (v6.0.0, screenshot above), and can successfully get credentials back for all clients but one. The request in the client is pretty basic:
var tokenEndpoint = "...";
var scope = "...";
var httpClient = new HttpClient();
var request = new ClientCredentialsTokenRequest {
Address = tokenEndpoint,
ClientId = clientId,
ClientSecret = clientSecret,
Scope = scope
};
var token = _httpClient.RequestClientCredentialsTokenAsync(request).Result;
When I execute this for client A, I get a token back successfully. If I execute it for client B, I get the response "invalid_client". Now, I originally thought the client information was perhaps just a bit screwy, so I double and triple-checked it, it's absolutely correct.
Additionally, client B's information works in an old version of the system running the request code above. Unfortunately, a lot has changed between the version known to work for client B, and the version we're currently on, so there are astronomical amounts of changes that could have caused it. The one I believe to be most likely is that we recently upgraded all of our projects to .NET 4.8 (the auth server is still on 4.7.2, but I compiled against 4.8 and tested it locally, the same problem still occurs). However, this wouldn't explain why client A still works but client B doesn't.
To further descend into madness, I've tried to test getting credentials back using Postman and Thunderclient, and both return valid credentials for both clients A and B.
For clarity, the following table shows where clients A and B succeed or fail in getting back credentials.
| Client | Request | Postman | Thunderclient |
|---|---|---|---|
| A | ✅ | ✅ | ✅ |
| B | ❌ | ✅ | ✅ |
What can I look at to further diagnose this "invalid_client" error?