Unable to get client_credentials grant working with Sandbox



  • I'm trying to test out the client_credentials token exchange as outlined in the API Docs using the sandbox FusionAuth instance.

    From that sandbox instance, I can see there's an application already defined called PiedPiper, w/ client id 85a03867-dccf-4882-adde-1a79aeec50df and client secret xX65482kHnst49kc5T4zvWyYA3vXDL9XDj5jAR6vAVE.

    Using the above info, I'm making a call to the OAuth API via the curl command below:

    curl -L -X POST 'https://sandbox.fusionauth.io/oauth2/token?grant_type=client_credentials' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Basic ODVhMDM4NjctZGNjZi00ODgyLWFkZGUtMWE3OWFlZWM1MGRmOnhYNjU0ODJrSG5zdDQ5a2M1VDR6dld5WUEzdlhETDlYRGo1akFSNnZBVkU='
    

    Unfortunately, the response I'm getting is:

    {"error":"invalid_client","error_description":"client_id: 85a03867-dccf-4882-adde-1a79aeec50df is not valid.","error_reason":"invalid_client_id"}
    

    Is there a step I'm missing? Is the sandbox instance locked down to not work w/ API calls?



  • The sandbox should work fine.

    However, in FusionAuth you don't use applications with the client credentials grant.

    Instead, you use entities. Here is some doc around that:

    https://fusionauth.io/docs/v1/tech/oauth/#configure-entities

    https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant

    HTH.



  • @dan Ah, that makes sense. On closer inspection, I also see the API docs you referenced explicitly say that only entities are supported 😅

    Thanks for the prompt support! Will check it out.


Log in to reply
 

Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.