Unable to get client_credentials grant working with Sandbox
-
I'm trying to test out the
client_credentials
token exchange as outlined in the API Docs using the sandbox FusionAuth instance.From that sandbox instance, I can see there's an application already defined called PiedPiper, w/ client id
85a03867-dccf-4882-adde-1a79aeec50df
and client secretxX65482kHnst49kc5T4zvWyYA3vXDL9XDj5jAR6vAVE
.Using the above info, I'm making a call to the OAuth API via the
curl
command below:curl -L -X POST 'https://sandbox.fusionauth.io/oauth2/token?grant_type=client_credentials' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Basic ODVhMDM4NjctZGNjZi00ODgyLWFkZGUtMWE3OWFlZWM1MGRmOnhYNjU0ODJrSG5zdDQ5a2M1VDR6dld5WUEzdlhETDlYRGo1akFSNnZBVkU='
Unfortunately, the response I'm getting is:
{"error":"invalid_client","error_description":"client_id: 85a03867-dccf-4882-adde-1a79aeec50df is not valid.","error_reason":"invalid_client_id"}
Is there a step I'm missing? Is the sandbox instance locked down to not work w/ API calls?
-
The sandbox should work fine.
However, in FusionAuth you don't use applications with the client credentials grant.
Instead, you use entities. Here is some doc around that:
https://fusionauth.io/docs/v1/tech/oauth/#configure-entities
https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant
HTH.
-
@dan Ah, that makes sense. On closer inspection, I also see the API docs you referenced explicitly say that only entities are supported
Thanks for the prompt support! Will check it out.