Hello OpenEMR Community,
We are trying to obtain an OAuth2 access token using the client credentials grant type to interact with the OpenEMR API. We are sending a POST request to the standard token endpoint (`/oauth2/default/token`).
Here’s how we are constructing the request:
- Method: POST
- URL: `[Your OpenEMR Base URL]/oauth2/default/token`
- Headers:
  - `Authorization: Basic [Base64-encoded client_id:client_secret]`
  - `Content-Type: application/x-www-form-urlencoded`
- Body (form-urlencoded): `grant_type=client_credentials`
We are intentionally not including the `client_id`, `client_secret`, or `scope` parameters in the request body, as we are using Basic Authentication in the header, which should cover the client credentials part according to standard OAuth2 practices for this grant type.
However, we are receiving a `400 Bad Request` response from the server with the following JSON body:

```json
{
  "error": "invalid_request",
  "error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.",
  "hint": "assertion type is not supported",
  "message": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
}
```
We are particularly confused by the hint: "assertion type is not supported". We are not using any JWT assertions or similar mechanisms, just the standard client credentials grant with Basic Auth.
Could anyone shed light on why we might be getting this specific error with this setup? Does OpenEMR’s OAuth2 implementation perhaps require parameters differently even when using Basic Auth for client credentials, or could there be a specific server configuration we need to be aware of?
Any help or pointers would be greatly appreciated!
Thanks,
[Your Name/Username]
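
A diagnostic for the request described in the post, added here as an example (not code from the post or from OpenEMR): it builds the same Basic-auth token request and reports which client authentication parameters it carries, including the `client_assertion_type` form parameter defined by RFC 7521/7523. That the server's hint refers to this parameter is an assumption; the function names and credentials are hypothetical.

```python
import base64
import json
from urllib.parse import parse_qs, quote_plus, urlencode

JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"  # RFC 7523

def build_basic_request(client_id, client_secret):
    """Token request as the post describes it: Basic header, grant_type only."""
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"  # RFC 6749 s2.3.1
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return headers, urlencode({"grant_type": "client_credentials"})

def client_auth_methods(headers, body):
    """List every client authentication method the request carries."""
    form = parse_qs(body)
    found = []
    if headers.get("Authorization", "").startswith("Basic "):
        found.append("client_secret_basic")
    if "client_secret" in form:
        found.append("client_secret_post")
    if form.get("client_assertion_type") == [JWT_BEARER] and "client_assertion" in form:
        found.append("private_key_jwt")
    return found

def explain_error(response_text, headers, body):
    """Pair the server's error and hint with what the request actually sent."""
    err = json.loads(response_text)
    form = parse_qs(body)
    return {
        "error": err.get("error"),
        "hint": err.get("hint"),
        "sent_auth": client_auth_methods(headers, body),
        "sent_params": sorted(form),
        "has_client_assertion_type": "client_assertion_type" in form,
    }

# Constructed sample: placeholder credentials, error fields as quoted in the post.
SAMPLE_RESPONSE = '{"error": "invalid_request", "hint": "assertion type is not supported"}'

if __name__ == "__main__":
    h, b = build_basic_request("example-client-id", "example-secret")
    print(json.dumps(explain_error(SAMPLE_RESPONSE, h, b), indent=2))
```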