OAuth Token API Unauthorized

When I try to access https://us.battle.net/oauth/token via a Node JS Fetch request, I am getting back a {"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}

First, I access https://us.battle.net/oauth/authorize which then sends a token via myredirecturi?code=XXX

Then, I do

router.get('/redirect', (req, res) => {
	requests.postData('https://us.battle.net/oauth/token', {
		"grant_type": "authorization_code",
		"code": XXX,
		"client_id": "client_id",
		"scope": "wow.profile"
	}).then(data => {
    		res.send(text + " " + code + " D "+ simpleStringify(data));
  	}).catch((error) => {
		res.send("E " + error)
async function postData(url, data) {
	var headers = {
		"Content-Type": "application/json",
		"client_id": "client_id",
		"client_secret": "client_secret"
	const response = await fetch(url, {
		headers: headers,
		method: "POST",
		body: JSON.stringify(data)
	return response.json();

However, I am getting an odd error:

{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}

Any guidance on how to proceed?

Hey Evilsmaher,

I’ve put together a extremely basic bare bones example of consuming the authorization code flow with the Blizzard APIs that you can take a look at. I DO NOT endorse this code for completeness or for following best practices for security or otherwise, but it should get you moving forward as an example.


Best of luck.