Im using the following configuration for generatin auth code:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> OAuthV2: Generate Authorization Code false GenerateAuthorizationCode scope client_id code 600000where scope=openid and client_id=my developer’s app client_id
This configuration is giving me invalid_request error(500 error)
Any help would be appreciated 
Hi @Raunak Narooka,
Please could you paste the response body and run a trace and see what other information is provided in the OAuthV2 policy? There should be more information there!
My first guesses would be…
The tag expects a variable, such as request.formparam.scope or request.queryparam.scope to indicate where in the request scope can be found. Is scope a valid variable for you?
The same for ClientId. If you exclude this tag, it will decode the Basic Authentication header, as per the OAuth2 spec
Some other policy in your flow might be failing, such as an Assign Message policy not resolving a variable or Extract Variables seeing a malformed JSON/XML payload. The response payload may give you more information about this!
Hope this gives you a head start in debugging this issue
@Raunak Narooka Don’t you need to specify the SupportedGrantTypes? please follow the GenerateAccessToken doucment in http://docs.apigee.com/api-services/content/oauthv2-policy
Based on current information, I am afraid it caused by the scope and clientid.
It should looks like request.queryparam.client_id
May I know if you missed “request.queryparam”?
The variable request.queryparam.client_id indicates that the client_id should be present as a query parameter, as, for example, ?client_id=AfGlvs9.