@salesforce/b2c-tooling-sdk / auth / encodeBasicClientCredentials
Function: encodeBasicClientCredentials()
encodeBasicClientCredentials(
clientId,clientSecret):string
Defined in: packages/b2c-tooling-sdk/src/auth/client-credentials.ts:58
Builds the base64 payload for an Authorization: Basic header carrying OAuth client credentials, per RFC 6749 §2.3.1.
The client identifier and client password are each form-url-encoded (RFC 6749 Appendix B) before being joined with a colon and Base64-encoded (RFC 7617 §2, the HTTP Basic scheme). Skipping the per-component encoding corrupts any credential containing characters the server form-url-decodes: a raw + is read as a space and a valid %xx escape is decoded to another byte (both yield invalid_client -- a wrong-but-valid secret), while an invalid escape such as %zz makes a strict decoder error out (unauthorized_client / "Unexpected error when authenticating client"). The same credential succeeds when sent in the request body, which is form-url-encoded by construction -- the "body works, Basic fails" symptom.
Parameters
clientId
string
The OAuth client identifier
clientSecret
string
The OAuth client password/secret
Returns
string
The Base64 string to place after Basic in the Authorization header