OAuth2 issue with token (Session Expired?)


I’ve been trying to fix this problem I’m facing for weeks to no avail (it gives a Session Expired message). I have the OAuth2 service set up correctly as per the instructions, and when I test it the first steps are fine and then something occurs that prevents me from obtaining the token. The steps as I understand go like this:
1 - I get the authorization URL, this works fine
2 - I allow the access to the set doctypes (in my case just openid all) and then I get the authorization code
3 - I request the access token, but I get the following response (header & body):
print (access_token_response.headers)
{‘Server’: ‘nginx’, ‘Date’: ‘Sat, 13 Oct 2018 23:12:48 GMT’, ‘Content-Type’: ‘text/html; charset=utf-8’, ‘Content-Length’: ‘7264’, ‘Connection’: ‘keep-alive’, ‘X-Page-Name’: ‘message’, ‘X-From-Cache’: ‘False’, ‘Set-Cookie’: ‘user_image=; Path=/, user_id=Guest; Path=/, system_user=yes; Path=/, full_name=Guest; Path=/, sid=Guest; Expires=Tue, 16-Oct-2018 23:12:47 GMT; Path=/, user_image=; Expires=Fri, 12-Oct-2018 23:12:48 GMT; Path=/, user_id=; Expires=Fri, 12-Oct-2018 23:12:48 GMT; Path=/, system_user=; Expires=Fri, 12-Oct-2018 23:12:48 GMT; Path=/, full_name=; Expires=Fri, 12-Oct-2018 23:12:48 GMT; Path=/, sid=; Expires=Fri, 12-Oct-2018 23:12:48 GMT; Path=/’}

print (access_token_response.text)

<!DOCTYPE html>
Session Expired
<link rel="shortcut icon"
<link rel="icon"

	<link type="text/css" rel="stylesheet" href="/assets/frappe/css/bootstrap.css">
	<link type="text/css" rel="stylesheet" href="/assets/css/frappe-web.css">
	<link type="text/css" rel="stylesheet" href="/assets/erpnext/css/website.css">
	<link type="text/css" rel="stylesheet" href="/website_theme.css"><script>
	window.frappe = {};
	frappe.ready_events = [];
	frappe.ready = function(fn) {
	window.dev_server = 0;
<li class="shopping-cart hidden">
	<div class="cart-icon">
		<a class="dropdown-toggle" href="#" data-toggle="dropdown" id="navLogin">
			Cart <span class="badge-wrapper" id="cart-count"></span>
		<div id="cart-overlay" class="dropdown-menu shopping-cart-menu"></div>

<!-- post login tools -->
  • Login
  • 		</div>
            <div class="hero-and-content">
                <div data-html-block="hero"></div>
                <div class="container">
    <div class="page-content without-sidebar">
    	<div class="page-content-wrapper">
    		<div class="row page-head">
    			<div class='col-sm-12'>
    			<div class="col-sm-8 col-xs-6">
    			<div class="col-sm-4 col-xs-6">
    		<div class="page_content">
    .hero-and-content { background-color: #f5f7fa; } .page-card { max-width: 360px; padding: 15px; margin: 70px auto; border: 1px solid #d1d8dd; border-radius: 4px; background-color: #fff; box-shadow: 0px 3px 6px rgba(0, 0, 0, 0.1); } .page-card .page-card-head { padding: 10px 15px; margin: -15px; margin-bottom: 15px; border-bottom: 1px solid #d1d8dd; } .page-card .page-card-head .indicator { color: #36414C; font-size: 14px; font-weight: bold; } .page-card .page-card-head .indicator::before { margin: 0 6px 0.5px 0px; } .page-card .btn { margin-top: 30px; } .page-card p { font-size: 16px; }
    Session Expired

    Your session has expired, please login again to continue.

    <div><a href='/' class='btn btn-primary btn-sm'>

    Status: 401

    	<div><footer class="web-footer">
    <section class="footer-links">
    	<div class="container">
    		<div class="row">
    			<div class="col-sm-6 text-left">
    			<div class="col-sm-6 text-right">
    Get Updates
    		<div class="row footer-bottom-line">
    			<div class="text-muted small col-sm-6 col-xs-12">
    			<div class="text-muted small col-sm-6 col-xs-12
    				text-right footer-powered">
    					<a href="https://erpnext.com?source=website_footer" target="_blank" class="text-muted">
    	Powered by ERPNext</a>
    <!-- js should be loaded in body! -->
    <script type="text/javascript"
    <script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.slim.js"></script>
    <script type="text/javascript"
    <script type="text/javascript"
    <script type="text/javascript" src="/website_script.js"></script>
    <script type="text/javascript" src="/assets/js/erpnext-web.min.js"></script>
    <script>frappe.csrf_token = "None";</script></body>

    I have searched for a similar issue but unfortunately I couldn’t find any. I will appreciate any help or guidance.


    What’s ur ERPNext version? How did you test OAuth2, POSTMAN?

    Here’s the guide for V11

    I had session expired problem when tested in POSTMAN.

    Hi, thanks for getting back to me. I tested it both in POSTMAN and through the terminal via python code. I’ll have a look at the links you sent I could be doing something wrong. As for the version, bench version gives me frappe 10.1.42 and erpnext 10.1.44. In theory it should work though I just am confused where the issue is. I’ll have a look at the links but if you’re aware of any issues with 10.1.44 let me know.

    Many Thanks


    ERPNext V10 works for fine me.

    your error similar to mine.

    can you share screenshot of postman setting? I want to see if something missing.