[SOLVED] Receive invalid access token when requested from Anypoint Studio (Mulesoft v4)

I’m submitting a…

[ ] Regression (a behavior that stopped working in a new release)
[x] Bug report
[ ] Performance issue
[ ] Documentation issue or request

Current behavior

When I request an access token from Anypoint Studio v7.3 (Mulesoft v4) the access token I receive returns a 401 when used to make a call to get content. (Also, the token is 10 characters longer then the one I receive when I make the call from Postman.) There are 3 characters that are encoded when sending from Mulesoft including the colon in the client_id. If this was an issue I would expect to not get a token, but instead I receive an invalid token.

Expected behavior

Requesting an access token from Anypoint Studio v7.3 return a valid token that can be used to make further requests.

Minimal reproduction of the problem

calling https://cloud.squidex.io/identity-server/connect/token with content type application/x-www-form-urlencoded and a valid body.


I’m not sure, I don’t know about the setup of squidex, just how to call the APIs

  • [ ] Self hosted with docker
  • [ ] Self hosted with IIS
  • [ ] Self hosted with other version
  • [ ] Cloud version

I am not using a browser to access content

  • [ ] Chrome (desktop)
  • [ ] Chrome (Android)
  • [ ] Chrome (iOS)
  • [ ] Firefox
  • [ ] Safari (desktop)
  • [ ] Safari (iOS)
  • [ ] IE
  • [ ] Edge

Is there another way to request a token other than using content-type application/x-www-form-urlencoded?

Can you send me the request that are made with anypoint? Perhaps you are missing an scope or so.

Here is the log from Anypoint. you can piece the call together from the log.

POST /identity-server/connect/token HTTP/1.1
x-correlation-id: 0-a7173660-240a-11e9-967d-364320524153
Host: cloud.squidex.io:443
User-Agent: AHC/1.0
Connection: keep-alive
Accept: /
Content-Type: application/x-www-form-urlencoded
Content-Length: 147


Can you send me the example token via PM?

I don’t see how to send a PM

I sent you an message, you can just answer there.

I deployed a fix that should solve your problem, but you have request a new token.

Please confirm if it works or not.

Confirmed via PM …