Invalid client credentials

New post

Comments

5 comments

  • Rui Barbosa

    Hi Micheal,

    I've used your exact same code and was successful as expected.

    import requests
    data = {
      'client_id': 'h5z4c7jqyn95dh3n06tv92x3ceztj0qi',
      'client_secret': 'xxx',
      'grant_type': 'client_credentials',
      'box_subject_type': 'user',
      'box_subject_id': '1234',
    }
    headers={
      "Content-Type": "application/x-www-form-urlencoded"
    }
    result= requests.post('https://api.box.com/oauth2/token', headers=headers, data=data).json()
    print(result)
    {'access_token': 'oQXf4...', 'expires_in': 3992, 'restricted_to': [], 'token_type': 'bearer'}

    So the only thing I can think of is the app configuration:

    So first make sure the app is of the correct type, your client secret is valid/the same as in your code and we often forget to re-authorize the app with the admin when we make changes. So check your authorization tab to see if the administrator has authorized your app:

    If you are the administrator, then navigate to your administration console, custom apps manager and check or approve your app:

     

    Let us know if this helps.

    Cheers

     

     

     

    0
    Comment actions Permalink
  • Box User

    Hi, Thanks for the reply, I have followed all the steps you have laid out and I am still having the same issue, double checked the client id and client secret and they match. But if I set the box_subject_type to 'enterprise' and use the enterprise id, I get a successful login and get a bearer token, but when logged in as the enterprise, if I go to list files in the root directory I get an empty response even though there are files in the root dir. Also it does work if I use the developer token as the bearer token and I can see all files and folders in the root dir. Any other thoughts? Does Box themselves have to authorize access to an api account?

    Thank You.

    0
    Comment actions Permalink
  • Rui Barbosa

    We are considering too many variables at the same time.

    First the client grant for a user, please check if you have, under the authentication these options:

    if this doesn't work please send me all your app configurations so I can take a look,

    Do not forget to re-authorize the app with the admin when you change something.

    The second issue, when you mention "but when logged in as the enterprise, if I go to list files in the root directory I get an empty response even though there are files in the root dir", that is expected, the question is which root dir? (each user and app has one)

    When you are using the enterprise id it is the root dir of the app, when you are using the user, it is the root dir of that specific user.

    Let us know if this helps.

    Cheers

     

    0
    Comment actions Permalink
  • Box User

    Thank you. I had those advanced features checked the first time but never reauthorized the app and when it did not work, I had unchecked them again. But by now checking them and reauthorizing the app from the admin console that has solved it. Thanks for all the help.

    0
    Comment actions Permalink
  • Rui Barbosa

    Awesome!

    0
    Comment actions Permalink

Please sign in to leave a comment.