External Third-Party OAuth 2.O is not working

I am working on External Third-Party OAuth 2.O integration it gives me this error

could not retrieve access token from the provider 403 ({“error”:“access.denied”,“error_description”:“Invalid client secret”})

Here it is my menifest.yml file.

modules:
  jira:issueContext:
    - key: resolvelogindemo-hello-world-context
      resource: main
      resolver:
        function: resolver
      title: resolveLoginDemo
      label: Custom UI
  function:
    - key: resolver
      handler: index.handler
      providers:
        auth:
          - gotoresolve
providers:
  auth:
    - key: gotoresolve
      name: LogMeIn
      scopes:
        - 'support:'
        - 'identity:scim.me'
        - 'identity:'
      type: oauth2
      clientId: <Using My Client ID>
      remotes:
        - resolve-apis
      bearerMethod: authorization-header
      actions:
        authorization:
          remote: resolve-account
          path: /oauth/authorize
          queryParameters:
            client_id: <Using My Client ID>
            response_type: code
            redirect_uri: https://id.atlassian.com/outboundAuth/finish
        exchange:
          remote: resolve-oauth
          path: /oauth/token
          # queryParameters:
          #   redirect_uri: https://id.atlassian.com/outboundAuth/finish
          #   grant_type: authorization_code
          #   code:
          resolvers:
            accessToken: access_token
            accessTokenExpires: expires_in
            refreshToken: refresh_token
        revokeToken:
          remote: resolve-oauth
          path: /oauth/token
        retrieveProfile:
          remote: resolve-apis
          path: /oauth/authorize
          resolvers:
            id: id
            displayName: email
            avatarUrl: picture
remotes:
  - key: resolve-apis
    baseUrl: https://authentication.logmeininc.com
  - key: resolve-account
    baseUrl: https://authentication.logmeininc.com
  - key: resolve-oauth
    baseUrl: https://authentication.logmeininc.com
permissions:
  scopes:
    - 'write:jira-work'
    - 'read:jira-work'
    - 'storage:app'
  external:
    fetch:
      backend:
        - https://authentication.logmeininc.com
resources:
  - key: main
    path: static/hello-world/build
app:
  id: ari:cloud:ecosystem::app/e621085e-6844-492d-9ee5-51a048ad2f72

I am doing this process.

1. forge deploy
2. forge providers configure gotoresolve

   after this pasting Client secret

3. forge install

From the Postman, I am able to successfully execute the following request.

curl --location 'https://authentication.logmeininc.com/oauth/token' \
--header 'Authorization: Basic <ClientId:ClientSecret(Base64Encoded)>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'redirect_uri=http://localhost:5000' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=<Authorization_Code>'

In Forge manifest.yml file I am not able to set custom headers for Authorization and content type, does Forge/Jira take care for setting these headers?

Could you please help me ?

Hello @MichaelCooper how are you, can you please help in this issue,
Forge is not sending the “header ‘Authorization: Basic ClientId:ClientSecret(Base64Encoded)’”.

we tried as per documentation but it is not working.
how can we add header Authorization: Basic {Token} for exchange.

Hi @ShanaullahKhan3P,

Thanks for trying out Forge and External Authenticatio!

I don’t believe we currently support adding the Authorization header to the token exchange request.
Could you raise a feature request for this in the FRGE project?
https://ecosystem.atlassian.net/jira/dashboards/37320

Thanks,
Michael