errors.com.epicgames.common.oauth.unauthorized_client

[Michele404]

Guys I got this error: It worked since now and I have never edit something

error = "unauthorized_client"; errorCode = "errors.com.epicgames.common.oauth.unauthorized_client"; errorMessage = "Sorry your client is not allowed to use the grant type password"; "error_description" = "Sorry your client is not allowed to use the grant type password"; intent = prod; messageVars = ( ); numericErrorCode = 1015; originatingService = "com.epicgames.account.public";

[SzymonLisowiec]

Today EpicGames updates launcher and authorization. Now, We have to use grant exchange_code, but can't get exchange_code 👎 I suspect, authorization runs on non-HTTP protocol.

[Michele404]

errorCode = "errors.com.epicgames.common.missing_permission"; errorMessage = "Sorry your login does not posses the permissions 'account:oauth:exchangeTokenCode CREATE' needed to perform the requested operation"; intent = prod; messageVars = ( "account:oauth:exchangeTokenCode", CREATE ); numericErrorCode = 1023; originatingService = "com.epicgames.account.public";

[kavvson]

I am also investigating this, for now, I found out: the first initial login has to be grand_type : client_credentialsthis returns the first token without permissions I assume, then there is a second call to refresh the token and then doesn't make sense nor works ( based on fiddler )

[Berkodev]

Looking into this too, I'm thinking there may be a way to ask for these permissions on the first call (especially given the includePerms=true part). Wasn't able to find it yet.

[Michele404]

@kavvson when I try to make the call with client_credentials I only get access token and not refresh token

[kavvson]

@kavvson when I try to make the call with client_credentials I only get access token and not refresh token

seems there is another call after this first one, but I get an error grant_type=refresh_token&refresh_token={token}&includePerms=true&token_type=eg1

[Michele404]

Do you got discord? Add me: Mich#6210 We try to fix that.

[SzymonLisowiec]

I am also investigating this, for now, I found out: the first initial login has to be grand_type : client_credentialsthis returns the first token without permissions I assume, then there is a second call to refresh the token and then doesn't make sense nor works ( based on fiddler )

grant client_credentials is using while authorization for launcher and next for user's account is using grant exchange_code. I think, authorization is carried out by raw TCP/UDP protocol and only then is exchanging to HTTP bearer token. I don't have any idea, how to get around it.

[Michele404]

@SzymonLisowiec add me on discord Mich#6210 We are trying to fix it

[Cabskee]

I am interested in this as well, please keep this thread updating with any fix(es) you guys find!

[Fyb3roptik]

I am here because of this issue. Using the golang library, so I will patch that on my end once we figure this out!

[Michele404]

@qlaffont Do you got news?

[Velkon]

This is my currently working fix for this:

https://github.com/SzymonLisowiec/node-epicgames-client/issues/15#issuecomment-446396100

[ShadowRanger]

Although this new method of a fix may work fine, and be a potentially better option with support for 2FA and additional options, an easier fix is to just update the launcher authorization key as displayed here: https://github.com/Tustin/fortnite-php/commit/58a1f7c94eb3c41c8bbb4b07abc4d744bbb5dce8

Credits to @Tustin for this fix.

[ChobPT]

Found a very quick way around this (based on Tustin's work):

Update the launcher access token to MzQ0NmNkNzI2OTRjNGE0NDg1ZDgxYjc3YWRiYjIxNDE6OTIwOWQ0YTVlMjVhNDU3ZmI5YjA3NDg5ZDMxM2I0MWE=

in the fortnite-api/index.js file open the Find and Replace tool from whatever coding app you're using and Replace: Authorization:

with

User-Agent => "Fortnite/++Fortnite+Release-7.01-CL-4644078 IOS/11.3.1", Authorization:

This worked for me in this API