Welcome to the new Box Support website. Check out all the details here on what’s changed.

getting Invalid grant_type parameter or parameter missing

New post

Comments

4 comments

  • Alex Novotny

    Hi, 

    Are you running that exact code or do you have actual values for grant type, code, client id, and client secret? 

    Thanks, 

    Alex, Box Developer Advocate

    0
    Comment actions Permalink
  • Samuel Ordu

    I am experiencing the same problem with getting an access and refresh token. Please I need assistance. 

     

    Error: 

    {
    "error": "invalid_request",
    "error_description": "Invalid grant_type parameter or parameter missing"
    }
     
    Params: 
    0
    Comment actions Permalink
  • Scott Benton

    Good afternoon. I am getting the same error when trying to exchange authorization for a Box bearer token. I'm developing a PHP app with Laravel. Following is my PHP code, raw response from the Box API, and also an echo of my raw POST request from my local Node server for testing.

    PHP code generating POST request for bearer token:

    $data = array(
      'grant_type' => 'authorization_code',
      'code' => $auth_code,
      'client_id' => $client_id,
      'client_secret' => $client_secret
    );

    $url = 'https://api.box.com/oauth2/token';

    $response = Http::withHeaders(
      [
        'Content-Type' => 'application/x-www-form-urlencoded'
      ]
    )->post($url, $data);

    if ($response) :
      echo '<pre>';
      json_decode(var_dump($response->json()));
      echo '</pre>';
      die();
    endif;

    Response from https://api.box.com/oauth2/token

    array(2) {
      ["error"]=>
      string(15) "invalid_request"
      ["error_description"]=>
      string(49) "Invalid grant_type parameter or parameter missing"
    }

    Response from a local node.js server, which is just echoing back my request.

    POST /
    {
      host: 'localhost:3000',
      'user-agent': 'GuzzleHttp/7',
      'content-type': 'application/x-www-form-urlencoded',
      'content-length': '175'
    }
    BODY: {
      "grant_type":"authorization_code",
      "code":"******************************",
      "client_id":"******************************",
      "client_secret":"*********************************"
    }

    Note that I've replaced client-specific output with ****** above, but I'm seeing the correct values for code, client_id, and client_secret in the output from my local Node server.

    Does anything appear to be incorrect in my POST request above? Or are there any additional header, etc. that I should try? I've tried these requests with some older versions of Guzzle (Laravel's recommended Http client) and I'm getting the same results.

    0
    Comment actions Permalink
  • Scott Benton

    Update - after playing with some additional options, I came up with the following function which works as expected using Guzzle 7.1 and Laravel 8.83.2.

    public function postWithGuzzle($url=null, $data=null) {

    $url = 'https://account.box.com/api/oauth2/token';

      $response =  Http::asForm()
        ->accept('*/*')
        ->post($url, $data);

      if ($response) {
        echo '<pre>';
        var_dump($response->json());
        echo '</pre>';
      }

      die();

    }

    The $url used above is 'https://account.box.com/api/oauth2/token'. The $data is a simple array including client_secret, client_id, code (the authorization code returned after user grants authorization), and the 'grant_type' => 'authorization_code'. This is now returning a bearer token for me.

    0
    Comment actions Permalink

Post is closed for comments.