Getting an OAuth Token - Cannot connect

Keep getting error messages when trying to get a token via REST.
In Project Properties | Application Properties I added the following (not web-app.properties)

cuba.rest.client.id = test
cuba.rest.client.secret = test

Using CURL, I did the following…

#1…Good Credentials, No Grant_Type

curl http://localhost:8080/app/rest/v2/oauth/token -X POST -H "Content-Type: application/x-www-form-urlencoded" --user "test:test"

{"error":"invalid_request","error_description":"Missing grant type"}

#2…Bad Credentials, No Grant_Type

curl http://localhost:8080/app/rest/v2/oauth/token -X POST -H "Content-Type: application/x-www-form-urlencoded" --user "testbla:test"
{"error":"unauthorized","error_description":"Bad credentials"}

#3…Add Grant Type with good credentials

curl http://localhost:8080/app/rest/v2/oauth/token?grant_type=password -X POST -H "Content-Type: application/x-www-form-urlencoded" --user "test:test"
{"error":"server_error","error_description":"Null reference passed as parameter"}

#1 Result is “Invalid Request”
#2 Result is “Unauthorized”
#3 Result is “Error - Null reference passed as parameter”

So this tells me the credentials test:test are good and do work.
But I can’t figure out this grant_type.

What am I doing wrong?
Thanks in advance.

Hello, @gunnar.swan!

I think you can find answer in this topic:

https://www.cuba-platform.com/discuss/t/consume-service-api-cannot-authenticate/5177

Figured it out. The values in cuba.rest.client.id and rest.client.secret need to be in this form

test:test and encoded and in the header like so:

authorization:“Basic dGVzdDp0ZXN0”

And you still need the User and password like so…

grant_type=password&username=Elvis&password=Presley

So it took two credentials. That is what I was missing.
Created a user in the app with UserId = Elvis and password = Presley, this works.

POST /app/rest/v2/oauth/token
authorization: Basic dGVzdDp0ZXN0
content-type: application/x-www-form-urlencoded
cache-control: no-cache
postman-token: 051a1a1f-b743-402d-a7c6-dc955ab1b762
user-agent: PostmanRuntime/7.1.5
accept: */*
host: localhost:8080
accept-encoding: gzip, deflate
content-length: 48
grant_type=password&username=Elvis&password=Presley
HTTP/1.1 200
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate,no-store
pragma: no-cache,no-cache
expires: 0
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-content-type-options: nosniff
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 21 Jun 2018 00:19:56 GMT
{"access_token":"08ad6121-d865-4e3a-b17d-6f370d35a40e","token_type":"bearer","refresh_token":"c876f3c2-a44b-4755-8f47-baaa9a9c0f39","expires_in":43199,"scope":"rest-api"}