Problem when using client_credentials authentication type

Platform API OAuth
1

Hi,
I tried to use client_credentials authentication type because I need to authenticate on Purecloud on server side. I receive the error 400 bad request:

POST https://login.ininsca.com/oauth/token 400 (Bad Request)

  var clientId = "-----------------";
  var clientSecret = "---------------------";


  var key = base64.encode(clientId + ':' + clientSecret);
  console.log(key);

  var config = {
	method: 'POST',
    url: 'https://login.ininsca.com/oauth/token',
    headers: {
      'Accept': 'application/json',
      'Content-Type': 'application/x-www-form-urlencoded',
      'Authorization': 'Basic ' + key },
	data: { grant_type: 'client_credentials' }
  };


  var requestName = "/oauth/token";


  console.log('Begin Request: ' + requestName);
  //var request = $http(config);
  $http(config)
    .then(function success(response) {
      console.log('End Request: ' + requestName + ' (' + JSON.stringify(response.data) + ')');

...

  }, function error(response) {
    if (response.status === 400 && response.data) {
      console.log('Request: ' + requestName + ': ' + response.data.code + ': ' + response.data.message + ' (' + JSON.stringify(response.data) + ')');
    }
    else {
      console.log('Request: ' + requestName + ': HTTP ' + response.status + ' (' + response.statusText + ')');
    }
    console.log('End Request: ' + requestName);
  });

Do you know what is the problem ?
Thanks

2

A couple things:

  • Is that JavaScript? I'm not familiar with the base64.encode() function. Not saying it's wrong, but I can't confirm that will produce the correct value. Language-specific examples for how to encode the id and secret can be found here: https://developer.mypurecloud.com/api/rest/authorization/base-64-encoding.html.
    • If that's from a 3rd party library and seems to be working, just verify that it creates the exact same token as one of the known working methods. For example, Ruby has two methods for base64 encoding and one of them produces an invalid value. You can also use postman to generate the base64 encoded value to verify.
  • Take a look at the Node.js Client Credentials tutorial for a working example: https://developer.mypurecloud.com/api/tutorials/oauth-client-credentials/#nodejs
  • I'm guessing that you're using angular because of $http. I don't see anything obviously wrong with what you're doing, but I'm not an angular expert. You might try using plain JavaScript from the examples to see if you get a different result (to eliminate angular as a cause).
3

I use angular in my test. It works now, it was a problem with grant_type parameter:

  var config = {
	method: 'POST',
    url: 'https://login.ininsca.com/oauth/token',
    headers: {
      'Accept': 'application/json',
      'Content-Type': 'application/x-www-form-urlencoded',
      'Authorization': 'Basic ' + key },
	data: 'grant_type=client_credentials'
  };
1 Like
4