how to exchange code to token in Ory Hydra

Question

I'm following Ory Hydra 5 Minute Tutorial.

This tutorial uses a sample Webapp and I'm trying to understand the flow how to convert Code to Token via HTTP POST.

I have several troubles with the POST:
400 Bad Request Request parameter 'grant_type' is missing
400 Bad Request "invalid_grant"
401 Unauthorized "invalid_client"

and it's not clear how to proceed.

Answer 1

Client Creation

• During creation of your client make sure to add --token-endpoint-auth-method client_secret_post so that http post is legal later on
• have your own landingpage (which prints the code for you from the http request for convenience)

docker-compose -f quickstart.yml exec hydra     hydra clients create     --endpoint http://127.0.0.1:4445     --id helloworld-auth-code-client     --secret secret     --grant-types authorization_code,refresh_token     --response-types code,id_token     --scope openid,offline   --token-endpoint-auth-method client_secret_post  --callbacks http://127.0.0.1:3344/loggedin

Login and Retrieve Code

Trigger Login http://127.0.0.1:4444/oauth2/auth?client_id=helloworld-auth-code-client&response_type=code&scope=openid offline&state=hniavseoniasethiohsaent

convert code to token

POST
http://127.0.0.1:4444/oauth2/token
header: Content-Type application/x-www-form-urlencoded
Body: (no curly brackets, just replace the code below and take the following)
response_type=token&grant_type=authorization_code&code=PUTYOURCODEHERE&redirect_uri=http://127.0.0.1:3344/loggedin&client_id=helloworld-auth-code-client&client_secret=secret