Hi,
I am facing an issue using the keycloak-nodejs-connect adapter in my project.
The issue surfaces after the adapter authenticates the user account I have set up, so it
receives a code, and then attempts to exchange this code for an access token.
The adapter sends back an 'access denied' response and in the keycloak logs I see
an error as follows:
09:55:44,116 WARN [org.keycloak.events] (default task-28) type=CODE_TO_TOKEN_ERROR,
realmId=Actora, clientId=actora-test, userId=null, ipAddress=192.168.132.45,
error=invalid_code, grant_type=authorization_code,
code_id=c454ec60-6f07-4229-8a48-f0fa126609e4, client_auth_method=client-secret
Watching the browser calls that are made, after initial login to get the user's code
value, I see the redirect back to my main web application along with callback query
param:
http://localhost:5001/?auth_callback=1&state=cd0dd57d-59b6-45e4-a51e-...
So for the code I can see the code param in the callback contains the code_id value
referenced in my keycloak error log mentioned further above -
c454ec60-6f07-4229-8a48-f0fa126609e4
I am assuming the long code value prefixed with the 'uss.' part gets decoded by
keycloak to extract the value it needs?
I have debugged through the adapter library locally to see how it's performing the
calls and oddly I have found in the keycloak-auth-utils\lib\grant-manager.js a fetch
function is called but with options set for a POST request. The promise in this fetch
function gets rejected as the status code returned from keycloak server is a 400 Bad
Request.
I don't know what else to do here. I have re-read the getting started section of the
keycloak documentation and I can't see any obvious setup steps I have missed.
Can someone offer any clues as to what may be going on here please?
Thanks
Rob
________________________________
Robert Parker - Front End Developer
Applied Card Technologies Ltd
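Added example, not part of the original post and not code from the Keycloak adapter: a small Node.js check that parses the CODE_TO_TOKEN_ERROR event quoted above and confirms whether the code on a callback URL is the one the event refers to. The function names are hypothetical, the callback URL is constructed (its state and the leading part of the code are placeholders), and the match relies only on the post's observation that the code param contains the code_id.

```javascript
// Parse one Keycloak event log entry (possibly wrapped over several lines)
// into { time, level, category, fields }. Returns null if it does not match.
// Assumes field values contain no commas, as in the entry from the post.
function parseKeycloakEvent(entry) {
  const flat = entry.replace(/\s*\n\s*/g, ' ').trim();
  const m = /^(\S+)\s+(\w+)\s+\[([^\]]+)\]\s+\(([^)]*)\)\s+(.*)$/.exec(flat);
  if (!m) return null;
  const fields = {};
  for (const pair of m[5].split(/,\s*/)) {
    const eq = pair.indexOf('=');
    if (eq > 0) fields[pair.slice(0, eq).trim()] = pair.slice(eq + 1).trim();
  }
  return { time: m[1], level: m[2], category: m[3], fields };
}

// Tie a CODE_TO_TOKEN_ERROR event to the code seen on the redirect back to
// the application, so a failed exchange can be traced to one login attempt.
function correlate(entry, callbackUrl) {
  const event = parseKeycloakEvent(entry);
  if (!event || event.fields.type !== 'CODE_TO_TOKEN_ERROR') return null;
  const code = new URL(callbackUrl).searchParams.get('code');
  const codeId = event.fields.code_id;
  return {
    error: event.fields.error,
    clientId: event.fields.clientId,
    codeId,
    codePresent: code !== null,
    sameCode: Boolean(code && codeId && code.includes(codeId)),
  };
}

// Log entry as quoted in the post.
const LOG_ENTRY = `09:55:44,116 WARN [org.keycloak.events] (default task-28) type=CODE_TO_TOKEN_ERROR,
realmId=Actora, clientId=actora-test, userId=null, ipAddress=192.168.132.45,
error=invalid_code, grant_type=authorization_code,
code_id=c454ec60-6f07-4229-8a48-f0fa126609e4, client_auth_method=client-secret`;

// Constructed callback URL: state and the code prefix are placeholders.
const CALLBACK = 'http://localhost:5001/?auth_callback=1&state=STATE-PLACEHOLDER' +
  '&code=uss.PLACEHOLDER.c454ec60-6f07-4229-8a48-f0fa126609e4';

console.log(correlate(LOG_ENTRY, CALLBACK));
```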