What is the meaning of this error: 'client authentication must only be provided using one mechanism'

What is the meaning of this error: 'client authentication must only be provided using one mechanism'

我正在达到以下终点

https://<my company>.onelogin.com/oidc/token

有时我会收到以下错误响应,但我不确定这是什么意思。

{"error":"invalid_request","error_description":"client authentication must only be provided using one mechanism"}

我将以下字段作为参数发送:

grant_type=authorization_code

代码=编辑

redirect_uri=已编辑

client_id=已编辑

client_secret=已编辑

谁能解释一下为什么这个端点会间歇性地失败?

我们已经弄清楚是什么导致了这个“单一机制”问题。我们向 OneLogin 技术支持团队发送了电子邮件,并收到了以下回复:

As you can see in our documentation the placement of "client_secret" is dependent on your Token Endpoint Authentication Method setting. API Reference

If the Authentication Method = POST then "client_secret" is in the body.

If the Authentication Method = Basic then the "client_secret" is encoded and placed in the Authorization header.

Your application is currently sending this value in both Authorization Header and POST body. In the past this would not have been an issue but with the tightening to spec it will cause a 400 error for your application.

他们将很快更新他们的文档,但是现在,请使用本指南来消除您的应用程序中的“单一机制”错误。