Recent searches

No recent searches

No access_token received after switching to authorization code flow

image avatar

Marcin Stelmaszyk

Posted Nov 22, 2024

Hi everyone.

 

Zendesk ist depracating the implicit authorization flow, so I wanted to update our flow to PKCE authorization code flow. 

 

I followed the steps in https://support.zendesk.com/hc/en-us/articles/4408845965210-Using-OAuth-authentication-with-your-application

 

However I don't receive any access token in step 3.

 

Step 1 Open Zendesk Login Window Route: https://identity.plattform.mediio.de/oauth/authorizations/new Query Params look like this:

const endpointParams: URLSearchParams = new URLSearchParams({
      response_type: 'code',
      redirect_uri: 'https://www.demo.mediio.shop/assets/zendesk/zendesk.html',
      client_id: 'plattform',
      scope: 'hc:read',
      code_challenge_method: 'S256',
      code_challenge: codeChallenge,
    });

The codeChallenge is generated as described here: https://developer.zendesk.com/documentation/ticketing/working-with-oauth/oauth-pkce/

 

Step 2 

Capture the code from the redirect URL.

 

Step 3 

Send a POST Request to https://identity.plattform.mediio.de/oauth/tokens 

The request body looks like this:

const requestBody = {
              grant_type: 'authorization_code',
              code: code, // from previous step
              client_id: 'plattform',
              redirect_uri: 'https://www.demo.mediio.shop/assets/zendesk/zendesk.html',
              scope: 'hc:read',
              code_verifier: this.codeVerifier,
            };

The codeVerifier is the string used to create the SHA256 hash.

Send this POST request using the JS-fetch API:

const request: Promise<string> = fetch(endpoint, {
              body: JSON.stringify(requestBody),
              method: 'POST',
              headers: {
                'Content-Type': 'application/json',
              },
            })
              .then((res) => {
                if (!res.ok) {
                  console.error(`HTTP error! status: ${res.status}`);
                }
                return res.json();
              })
              .then((json) => {
                if (!json.access_token) {
                  console.error('No access token in response');
                }
                return json.access_token;
              });

We receive a response from the backend with a 200 OK status code, but it contains no data. Do you maybe know what the issue is?

0

1

1 comment

Date
    image avatar

    Greg Katechis

    Zendesk Developer Advocacy

    Hi Marcin! I took a look at the account in question and the subdomain that you're using in the redirect URI seems to be incorrect. I don't want to share that information publicly, so can you check your account configuration for the correct subdomain and try it again? Let me know if you get different results at that point.

    0

    Please sign in to leave a comment.

    Didn't find what you're looking for?

    New post