Skip to content

OAuth2 Token Exchange Fails for Providers Requiring client_secret_post Authentication #3323

New issue
New issue
Open
Bug
Open
OAuth2 Token Exchange Fails for Providers Requiring client_secret_post Authentication#3323
Bug
Assignees
Jacksunwei
Labels
core[Component] This issue is related to the core interface and implementation
@asalauyeu-hubspot

Description

@asalauyeu-hubspot
asalauyeu-hubspot
opened on Oct 28, 2025

Describe the bug
ADK's OAuth2 credential exchanger fails to exchange authorization codes for access tokens when working with OAuth providers that require client_id and client_secret to be sent in the POST request body (using client_secret_post method) rather than via HTTP Basic Authentication.

Expected behavior
ADK should support OAuth providers that require different token endpoint authentication methods, particularly client_secret_post which is specified in RFC 6749 and commonly required by enterprise OAuth providers.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: [e.g. macOS, Linux, Windows]
  • Python version(python -V): 3.13
  • ADK version(pip show google-adk): 1.17.0

Additional context
This is similar to:

Metadata

Metadata

Assignees

Labels

core[Component] This issue is related to the core interface and implementation

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions