I am working on a .Net Core Application with the requirement of using PIV to login. I followed the flow below.
- Application checks if user has session, does nothing if session does not exist.
- User clicks on button to login with PIV
- User is logged in with PIV
- Application checks if user has session, makes /authorize redirect because session exists.
- User winds up on the callback route with the authorization_code
Make /token to get Access and Refresh Token
I am stuck at step 6. I tried to use the Code from /authorize to generate to call “/oauth2/default/v1/token” get access and refresh token without any luck. I’m getting 400 Status Code ( ‘Bad Request’) from response.
Any suggestion to get both access and refresh token?