Using Rails and Oauth2, I am running into an error that says: "{"error_description":"Invalid client or client credentials","error":"invalid_client"}"
What is strange that I'm able to generate the initial URL:
Takes me to the "XXX is requesting permission for the following: etc..." I see the name of the APP I created which leads me to think that the client id I am passing is correct.
I created my own strategy based off this:
https://github.com/omniauth/omniauth-oauth2
I specified the following:
option :client_options, {
site: 'https://api.cc.email/v3/',
token_url: 'https://idfed.constantcontact.com/as/token.oauth2',
authorize_url: 'https://api.cc.email/v3/idfed',
grant_type: "authorization_code"
}
Any ideas on where to look?
Hello @JamesC400,
Thank you for reaching out to Constant Contact's API Support.
That error means one of two things. Either the API Key you are using in invalid; which doesn't seem likely since you are able to generate your authorization code, or the authorization header you are using was not generated correctly.
In Steps 4 and 5 of the oAuth flow you need to include an authorization header that uses a Basic token and the way you generate that is by putting your api_key and client_secret together separated by a : (colon). Then base64 encoding that.
Here is an example of how the header would look if I were to be submitting a cURL command and encoded api_key:client_secret.
header 'Authorization: Basic YXBpX2tleTpjbGllbnRfc2VjcmV0'
Hi,
Thanks for the response! You led me in the right direction. Turns out there was a typo while constructing the Authorization header on my end.
thanks a lot!
I have built an integration that was refreshing tokens every 30 minutes for 2 months, then yesterday it stopped working.
I get the same message:
"response": {
"error_description": "Invalid client or client credentials",
"error": "invalid_client"
}
In the code, I am setting the Authorization header:
'Authorization: Basic ' . base64_encode($request['api_key'] . ':' . $request['secret'])
When I check the API key in the API Reference it works. Also, I have triple checked the API Key and Secret. I am able to complete steps 1-4 of the workflow: https://v3.developer.constantcontact.com/api_guide/server_flow.html
But step 5 is breaking... not sure what could be wrong.
Hi @WillH772,
I'm happy to check in to this, but in order to do that I would need some information that is best kept private. I would suggest to email us at webservices(at)constantcontact.com and provide your API Key, Client Secret, and Redirect URI, so I can try to replicate.
Hello, I sent an email last Friday morning and have not received a response.
The holidays have come and gone. For many seasonal businesses, this means the rush of shoppers has decreased as well. Instead of turning off the lights and waiting for spring, make your email marketi...
See Article