Skip to main content
Skip table of contents

The client secret supplied for a confidential client is invalid

Normally, this error will be received from the Oauth V2 provider every time a token is requested to be created using an invalid client Secret.

It is important to confirm in the oauth_entity table that the Oauth entity profile is configured with the correct credentials.

It is possible to display the client secret by clicking in the lock icon (highlighted below in yellow):

Oauth entity profile example

As can be seen above, a blue box is prompted with the value stored in the Client Secret.
At this point, please ,double check if the value is exactly the string expected.

If the blue box is displaying a different string, it is because the value is encrypted.

To disable this encryption avoiding the functionality break, it is required to set the system property glide.kmf.encrypter.enabled as false.

Once it is disabled, check again the Oauth entity profile and ensure the client secret contains exactly the value expected by the Oauth provider.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.