Question
I am trying to get an auth token from the RingCentral auth token /restapi/oauth/token endpoint with cURL but it fails with the error:
400 Bad Request
{
  "error": "unauthorized_client",
  "error_description": "Unauthorized for this grant type",
  "errors": [
    {
      "errorCode": "OAU-251",
      "message": "Unauthorized for this grant type"
    }
  ]
}
This is what I have tried:
curl -X POST "https://platform.devtest.ringcentral.com/restapi/oauth/token" \
-H "Accept: application/json" \
-H "Content-Type: application/x-www-form-urlencoded" \
-u "clientId:clientpassword" \
-d "username=username&password=password&extension=101&grant_type=password"
Answer 1:
OAuth 2.0 Password Flow
You're making an OAuth 2.0 request using the OAuth 2.0 password grant (grant_type=password), also known as "Password flow" in the RingCentral Developer Portal and formally as the "Resource Owner Password Credentials" grant in the OAuth 2.0 IETF RFC 6749 standard.
In order to use the password flow, your application must support the Password flow Authorization Type as shown in the screenshots below.
To use this flow, your app needs to fulfill two criteria:
- Be able to protect the client secret: application credentials include a client id and a client secret. For the password flow, the client secret must be protected from end users, e.g. on a secure server app. It cannot be used with a browser-only client-side app because end-users would be able to inspect and retrieve the client secret.
- Be a private app: the password flow requires the app owner to have access to the resource owner's (aka end user) password. Because of this, it can only be used with private apps where the app owner and the resource owner are in the same organization. It is not supported for public apps because passwords should not be made available to app developers.
To use this grant type, you need to make sure your app is configured to have the Password flow grant in the RingCentral Developer Portal as shown below:
Create App Wizard
When creating an app, make sure to ensure "Password flow" is selected. Your options are based on the "Application type" and "Platform type" for your app, which in turn are related to the security specifications of your app.
Here is an animated GIF showing various app to OAuth grant settings.
App Settings Page
To verify an existing app has "Password flow" enabled, go to the app's "Settings" page's "OAuth Settings" section and verify Password flow is present.
Here's some information on the password grant in IETF RFC 6749:
https://tools.ietf.org/html/rfc6749#section-1.3.3
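An added example (not part of the original answer and not RingCentral's own code): Python's standard library builds the same request as the curl command in the question, URL-encoding each form field, and maps the token endpoint's OAuth error code to the next thing to check. The names `build_password_grant`, `diagnose` and `HINTS` and the sample credentials are assumptions made for illustration.

```python
import base64
import json
import urllib.parse

# Sandbox token endpoint taken from the question.
TOKEN_URL = "https://platform.devtest.ringcentral.com/restapi/oauth/token"

# Standard OAuth 2.0 error codes (RFC 6749, section 5.2) mapped to a next step.
HINTS = {
    "unauthorized_client": "App is not allowed to use this grant type: "
                           "enable Password flow in the app's OAuth Settings.",
    "invalid_client": "Client authentication failed: check client id/secret.",
    "invalid_grant": "Resource owner credentials were rejected: "
                     "check username, extension and password.",
    "unsupported_grant_type": "The server does not support this grant_type value.",
}

def build_password_grant(client_id, client_secret, username, password, extension=None):
    """Return (headers, body) for the same request the curl command sends."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "password", "username": username, "password": password}
    if extension:
        form["extension"] = extension
    headers = {
        "Accept": "application/json",
        "Content-Type": "application/x-www-form-urlencoded",
        "Authorization": f"Basic {basic}",  # what curl -u produces
    }
    # urlencode escapes &, + and = so a password containing them stays one field.
    return headers, urllib.parse.urlencode(form)

def diagnose(status, body_text):
    """Turn a token-endpoint response into (error, hint); (None, None) on success."""
    if status == 200:
        return None, None
    try:
        error = json.loads(body_text).get("error", "unknown")
    except (ValueError, AttributeError):
        return "unparseable", f"HTTP {status} with a non-JSON body."
    return error, HINTS.get(error, f"HTTP {status}: see error_description.")

# Constructed sample: the 400 response body quoted in the question.
SAMPLE = ('{"error": "unauthorized_client", "error_description": '
          '"Unauthorized for this grant type", "errors": [{"errorCode": "OAU-251", '
          '"message": "Unauthorized for this grant type"}]}')

if __name__ == "__main__":
    print(diagnose(400, SAMPLE))
```

Load the client secret and user password from the environment or a secrets store on the server side rather than typing them on a command line, where they end up in shell history and process listings.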
Source: https://stackoverflow.com/questions/47692828/ringcentral-auth-token-failed-in-curl-call-unauthorized-for-this-grant-type