Hi @Gowtham V , this error indicates that the authorization code was issued for a different client ID than the one used to redeem it. This can happen when the client ID or redirect URI is not configured correctly.
To fix this issue, you can try the following steps:
- Make sure that the client ID and redirect URI in your application registration match the ones used in your code.
- Ensure that the redirect URI is correctly configured in your application registration. The redirect URI must match the URI used in your code exactly, including the scheme, host, and port.
- If you are using SPA make sure that you have configured the correct redirect URI for your SPA in your application registration. The redirect URI for a SPA should be the URL of the SPA itself, not a server-side endpoint.
- If you are using a SPA, you may need to use the Proof Key for Code Exchange (PKCE) flow instead of the standard authorization code flow. PKCE is a security feature that helps prevent authorization code interception attacks. To use PKCE, you will need to modify your code to include a code verifier and code challenge in the authorization request.
Please let me know if you have any questions and I can help you further.
If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James