Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

invalid_client - The client credentials are invalid

Follow
New post
API User
  • Edited

I know there are numerous posts about this error, but I'm new to the box API and could use some help narrowing down the issue.

I've created a custom application of type Server Authentication (Client Credentials Grant).  I also authorized this application in the admin console on the Server Authentication Apps tab.

I'm coding in C#.  I have the .NET SDK installed in my project, and I'm using the .NET code sample from this page in the documentation: https://developer.box.com/guides/authentication/client-credentials/

When I plug in my client ID, secret, and username and run the code, I get this message:

The API returned an error [BadRequest] invalid_client - The client credentials are invalid at Box.V2.Extensions.BoxResponseExtensions.ParseResults[T](IBoxResponse`1 response, IBoxConverter converter) at Box.V2.CCGAuth.BoxCCGAuth.<CCGAuthPostAsync>d__8.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Box.V2.CCGAuth.BoxCCGAuth.<UserTokenAsync>d__7.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() at MvcApplication.Controllers.HomeController.<Index>d__0.MoveNext() in M:\Domains\Rhythm_Box\MvcApplication\Controllers\HomeController.cs:line 19

If anyone from box support sees this, the client ID is 4ro5njohgyhnhzee8xluse1j334g7tiw

The account I was logged into when I created the application is the one named API User, if that makes a difference.

Thank you for any assistance.

----

A quick update: I created a new app with JWT authentication, and that seems to be working okay.  I'm still curious what about the original approach was incorrect, but I'll keep going with the JWT version instead.

1

Comments

5 comments

Date Votes
  • Alex Novotny

    Hello, 

    This could be a few things. It looks like you have access to file a support ticket - so I would recommend doing that. That's going to be the fastest way to get the answer. 

    Alex, Box Developer Advocate

    2
    Comment actions Permalink
  • spilafis

    API User, here's an example of how I did the authentication.

    I found that missing any of this params can cause the error you mentioned. And here I'm using the user id and enterprise id and everything from the app.
    I think the box documentation for the client secret auth incorrectly points at using UserTokenAsync instead of AdminTokenAsync and does not list the builder method SetEnterpriseId

    var boxConfig = new BoxConfigBuilder(boxClientID, boxClientSecret).SetEnterpriseId(boxEnterpriseID).Build();
    var boxCCG = new BoxCCGAuth(boxConfig);
    var tokenTask = boxCCG.AdminTokenAsync(); //valid for 60 minutes so should be cached and re-used
    tokenTask.Wait();
    var token = tokenTask.Result;
    var userClient = boxCCG.UserClient(token, boxUserID);
    2
    Comment actions Permalink
  • kushe

    spilafis You solution finally works. Wasted two days. I still face same issue in PostMan

    2
    Comment actions Permalink
  • spilafis

    @kushe, then upvote

    0
    Comment actions Permalink
  • Jackie Martinez

    Does anyone know the same workflow that spilafis wrote out, but for python (with the box SDK)?

    I've been stuck on this for some time!

    0
    Comment actions Permalink

Post is closed for comments.