search

ordercloud-api / oc-documentation

MIT License
2 stars 63 forks source link

Add 'client_secret' to the oauth/token parameters request example #312

Closed Elyseum closed 2 years ago

Elyseum commented 3 years ago

The example request to get an oauth/token on https://ordercloud.io/learn/getting-started/making-your-first-request is missing the client_password parameter. When I execute the example code, I get back

{
    "error": "invalid_client",
    "error_description": null,
    "Errors": [
        {
            "ErrorCode": "Auth.OauthError",
            "Message": "invalid",
            "Data": {
                "error": "invalid_client",
                "error_description": null
            }
        }
    ]
}

After adding the 'client_secret' (as suggested on https://stackoverflow.com/questions/68551922/generating-oauth-token-on-sandbox-throws-servererror) I get back an access token:

{
    "access_token": "eyJ.....",
    "refresh_token": null,
    "token_type": "bearer",
    "expires_in": 36000
}
djsteinmetz commented 2 years ago

If a Client Secret is defined on the API client, it will be required for all OAuth workflows. There is a note in the Knowledge Base article on Authentication mentioning this requirement, but I will also add a note to the Getting Started guide as well.

djsteinmetz commented 2 years ago

Addressed in the latest release