Error: Grant credentials are invalid
Hi,
I have created a Client Grant type application in our company Box application.
When trying to connect to it, I am getting following error:
curl -L -X POST "https://<companyboxurl>/oauth2/token"
-H "Content-Type: application/x-www-form-urlencoded"
--data-urlencode "client_id=<client_id>"
--data-urlencode "client_secret=<client_secret>"
--data-urlencode "grant_type=client_credentials"
--data-urlencode "box_subject_type=enterprise"
--data-urlencode "box_subject_id=<enterprise_id>"
On trying this, I am getting the below error:
{"error":"invalid_grant","error_description":"Grant credentials are invalid"}
Can you please let me know, what I might be missing.
-
I was able to get this working using the Authorization Code flow, but when I try using Client Credentials, I'm able to get an access token but using it results in a 404 Error. Do I need to request enterprise access even though my workplace has an enterprise account? I ask because if I were to try and use a console application to ultimately do what we need, my best bet is likely to convert my Authorization Code function into a web service the Console application can call in order to successfully make an API call itself.
-
@Hirosuke: Thank you for confirming! Please reauthorize your app in the admin console and try again now.
@Ruben: This is already selected appropriately on the backend so there seems to be another issue with your request. Can you please confirm that the client id and client secret you're sending are correct and associated with the same application?
@Arturo: This authentication type will obtain a token for the application's service account. A 404 indicates that the user associated with your access token does not have access to the content you're trying to call. If you're not sure who your access token is associated with you can use the get current user endpoint. You will either need to obtain an access token for a user that already has access to the content or collaborate in your service account to the content.
-
@Namrata: If you would like to use a, client credentials grant as shown in the first post of this thread, you will need to create an app with the auth type JWT with client credentials grant. Otherwise, the only way the invalid_credentials error can surface in OAuth 2 is if the email and password combination entered is invalid.
@Box User: Your application does not look affected by the bug in question. I'd start by verifying that the client ID and secret are both correct and for the same application.
-
Hi Kourtney,
Can you please look into this matter? Having the same issue.
1)
Auth Method: OAuth 2.0 with Client Credentials Grant (Server Authentication)
Client_ID: jte2rx61pddiq337dwk61kpbvulybrh7
App Access Level: App Access Only
2)
Auth Method: OAuth 2.0 with JSON Web Tokens (Server Authentication)
Client_ID: sdc5l30s0gmcgdje1wz6c794bzkbvgdb
App Access Level: App + Enterprise Access
3)
Auth Method: OAuth 2.0 (User or Client Authentication)
Client_ID: ojvskf3qzuzitlhmyxbz1ff3zkhi3c2w
-
Hey Kourtney, I'm facing same issue!
Client id: cm6x78mf9dibv7nmqykq9y3lsqoal31o
App Access Level: App Access Only
Thanks!
Please sign in to leave a comment.
Comments
44 comments