OAuth client_credentials

I am trying to receive token to make API calls, for so I am using client_credentials grant, after configuring the OAuth service (at:https://apps.mypurecloud.com.au/directory/#/admin/integrations/oauth) to create a new app and generate the credentials I receive the following JSON: {"error":"invalid_client","description":"authentication failed"}

The command line that I have used to test was:

curl -k -v -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic BASE64(my-id:my-secret)" -d "grant_type=client_credentials" -X POST https://login.mypurecloud.com/oauth/token

I have seen some other people with the same problem, but the solution was not there or wasn't clear for me, so please can anyone help me on that?

Regards,

-Rod

Rod,

I think your trouble may stem from the Authorization header that you are trying to send. In Client Credentials grant you need to get your client id and secret from the Integrations->OAuth section of PureCloud Admin. You'll need to concatenate the client id and secret together, separated by a ':', so it looks like this "<client_id_here>:<client_secret_here>". Then you need to base64 encode that concatenated string.

As an example if you have the following:

Client ID: 'open'
Client Secret: 'sesame'

If you base64 encode the string 'open:sesame', you get 'b3BlbjpzZXNhbWU='. Then your HTTP Authorization header will look like this:

Authorization: Basic b3BlbjpzZXNhbWU=

Here is more info on client credentials grant here: https://developer.mypurecloud.com/api/rest/authorization/use-client-credentials.html

Hope that helps.

Hi Crespino,

Thanks for answering. What you said is exactly what I have done. I got the "client-id"+:+"secret" from OAuth, then encoded that string using Base64 encoder. Forming the string "Authorization: Basic ". I have used exactly what is in curl in my question and also tried using genesys sample code to fetch the token, but always fails with JSON: {"error":"invalid_client","description":"authentication failed"}.

So, I am sorry but you did not answer my question.

As far as I'm aware there is no BASE64() function built into CURL. So you have two options.

1. Use the '-u username:password' command line parameter for CURL. So your request would look like this:

curl -k -v -H "Content-Type: application/x-www-form-urlencoded" -u my-id:my-secret -d "grant_type=client_credentials" -X POST https://login.mypurecloud.com/oauth/token

2. Use the '-h "Authorization: Basic " command line parameter for CURL. You use this parameter you would have to first use an online base64 encoder like https://www.base64encode.org to encode the "my-id:m-secret" string. Then you would have to paste that base64 encoded string into the request. Your request would look like this, but using your base64 encoded credentials in the header:

curl -k -v -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic b3BlbjpzZXNhbWU=" -d "grant_type=client_credentials" -X POST https://login.mypurecloud.com/oauth/token

Both of those examples work for me and return an access token.

Dear Crespino,

thanks again for your answer. I just got the answer for my problem and I am writing to clear that for other colleagues that could get the same problem. So the answer is:

• Once I am in Australasian region, I need to insert .au in the end of my request for token, such as in:
  curl -k -v -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic ENCODED-STRING" -d "grant_type=client_credentials" -X POST https://login.mypurecloud.com.au/oauth/token

Notice the url has been changed "https://login.mypurecloud.com.au/oauth/token", so now it is working like a charm.

Thanks again for your help,

Regards,

-Rod

Great! Glad you got it working.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.