invalid_client - The client credentials are invalid
I know there are numerous posts about this error, but I'm new to the box API and could use some help narrowing down the issue.
I've created a custom application of type Server Authentication (Client Credentials Grant). I also authorized this application in the admin console on the Server Authentication Apps tab.
I'm coding in C#. I have the .NET SDK installed in my project, and I'm using the .NET code sample from this page in the documentation: https://developer.box.com/guides/authentication/client-credentials/
When I plug in my client ID, secret, and username and run the code, I get this message:
The API returned an error [BadRequest] invalid_client - The client credentials are invalid at Box.V2.Extensions.BoxResponseExtensions.ParseResults[T](IBoxResponse`1 response, IBoxConverter converter) at Box.V2.CCGAuth.BoxCCGAuth.<CCGAuthPostAsync>d__8.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Box.V2.CCGAuth.BoxCCGAuth.<UserTokenAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() at MvcApplication.Controllers.HomeController.<Index>d__0.MoveNext() in M:\Domains\Rhythm_Box\MvcApplication\Controllers\HomeController.cs:line 19
If anyone from box support sees this, the client ID is 4ro5njohgyhnhzee8xluse1j334g7tiw
The account I was logged into when I created the application is the one named API User, if that makes a difference.
Thank you for any assistance.
A quick update: I created a new app with JWT authentication, and that seems to be working okay. I'm still curious what about the original approach was incorrect, but I'll keep going with the JWT version instead.
This could be a few things. It looks like you have access to file a support ticket - so I would recommend doing that. That's going to be the fastest way to get the answer.
Alex, Box Developer Advocate
API User, here's an example of how I did the authentication.
I found that missing any of this params can cause the error you mentioned. And here I'm using the user id and enterprise id and everything from the app.
I think the box documentation for the client secret auth incorrectly points at using UserTokenAsync instead of AdminTokenAsync and does not list the builder method SetEnterpriseId
var boxConfig = new BoxConfigBuilder(boxClientID, boxClientSecret).SetEnterpriseId(boxEnterpriseID).Build();
var boxCCG = new BoxCCGAuth(boxConfig);
var tokenTask = boxCCG.AdminTokenAsync(); //valid for 60 minutes so should be cached and re-used
var token = tokenTask.Result;
var userClient = boxCCG.UserClient(token, boxUserID);
spilafis You solution finally works. Wasted two days. I still face same issue in PostMan
Does anyone know the same workflow that spilafis wrote out, but for python (with the box SDK)?
I've been stuck on this for some time!
Please sign in to leave a comment.