Forum Discussion

RachelP's avatar
RachelP
Occasional Visitor
3 years ago

Add Client Credentials location to clientCredentials auth flow

I am using `application` (`clientCredentials`) auth flow as follows:

securityDefinitions:
  oauth2:
    type: oauth2
    tokenUrl: https://login.microsoftonline.com/<subscription-id>/oauth2/v2.0/token
    flow: application
    scopes:
      https://graph.microsoft.com/.default: default scope

The problem is that AAD requires that the client id and client secret are in the request body, and Swagger places the credentials in the request header. There is no way to select "Request Body" option when using Client Credentials:

When using `password` flow, for example, you do have the option to choose how Client Credentials should be passed:

 

I need to use `application`/`clientCredentials` flow and sent the credentials in the request body. Are there any known workarounds or could a fix be considered?

 

Thanks!

No RepliesBe the first to reply