Unable to get client_credentials grant working with Sandbox

patrick.valle

I'm trying to test out the client_credentials token exchange as outlined in the API Docs using the sandbox FusionAuth instance.

From that sandbox instance, I can see there's an application already defined called PiedPiper, w/ client id 85a03867-dccf-4882-adde-1a79aeec50df and client secret xX65482kHnst49kc5T4zvWyYA3vXDL9XDj5jAR6vAVE.

Using the above info, I'm making a call to the OAuth API via the curl command below:

curl -L -X POST 'https://sandbox.fusionauth.io/oauth2/token?grant_type=client_credentials' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Basic ODVhMDM4NjctZGNjZi00ODgyLWFkZGUtMWE3OWFlZWM1MGRmOnhYNjU0ODJrSG5zdDQ5a2M1VDR6dld5WUEzdlhETDlYRGo1akFSNnZBVkU='

Unfortunately, the response I'm getting is:

{"error":"invalid_client","error_description":"client_id: 85a03867-dccf-4882-adde-1a79aeec50df is not valid.","error_reason":"invalid_client_id"}

Is there a step I'm missing? Is the sandbox instance locked down to not work w/ API calls?

dan

The sandbox should work fine.

However, in FusionAuth you don't use applications with the client credentials grant.

Instead, you use entities. Here is some doc around that:

https://fusionauth.io/docs/v1/tech/oauth/#configure-entities

https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant

HTH.

patrick.valle

@dan Ah, that makes sense. On closer inspection, I also see the API docs you referenced explicitly say that only entities are supported

Thanks for the prompt support! Will check it out.