Banno Invalid Client access_token issue when using Postman

Question

I am able to generate access_token using command line example npx @jkhy/banno-client-creds-helper client-assertion --client-id=[CLIENT-ID] --private-key=private.pem successfully but unable to generate the access_token using Postman.

Below is the request and response when using https://banno.com/a/oidc-provider/api/v0/token API using Postman.

"Request Body": {
    "client_assertion": "xxxxxxxxxx",   (client_assertion generated using command line)
    "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    "grant_type": "client_credentials",
    "scope": "openid",
  },
  "Response Headers": {
    "date": "Tue, 12 Apr 2022 16:35:50 GMT",
    "content-type": "application/json; charset=utf-8",
    "content-length": "77",
    "connection": "keep-alive",
    "x-request-id": "23573ece09990d419df945b263c80004",
    "x-b3-traceid": "353fcf7b7908a447",
    "x-b3-spanid": "2579854fba7e468c",
    "x-b3-sampled": "1",
    "access-control-allow-origin": "*",
    "x-b3-parentspanid": "e87977b8a21d048b",
    "pragma": "no-cache",
    "cache-control": "no-cache, no-store",
    "x-envoy-upstream-service-time": "102",
    "strict-transport-security": "max-age=15724800"
  },
  "Response Body": "{\"error\":\"invalid_client\",\"error_description\":\"client authentication failed\"}"

Answer 1

This looks to be a duplicate of Banno Admin API - Invalid Client. The trickiest part of the process is signing the JWT, and we're unfamiliar with doing so via Postman.