Error:- invalid_client While making reuest to get auth token

  • 1
  • Question
  • Updated 1 year ago
  • Answered
  • (Edited)
Hi Geek's ,


I have got the code from following request:-

https://identity.reckon.com/connect/authorize?client_id=<<CLIENTID>>&response_type=c...
URL>>&state=random_state&nonce=random_nonce


After
receiving code from above request,I have made request to get Auth Token which I will use for further API's request's. Bellow is my sample code.

I have follow  Typical token request call  as suggested in Authorisation Services https://reckon.helpdocsonline.com/reckon-api-authorisation-services


     var params = {
                grant_type: 'authorization_code',
                code: code,                            
                redirect_uri: 'http://localhost:2626/APITEST.aspx',
              
            };
           
        1.var basStr = window.btoa("ClientId") + ":" + window.btoa("ClientSecret")


            $.ajax({
                url: "https://identity.reckon.com/connect/token?"; + $.param(params),
                beforeSend: function (xhrObj) {
                    xhrObj.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
                    xhrObj.setRequestHeader("Authorization", "Basic "+basStr);
                 
                  
                },
                type: "POST",
             
            })
            .done(function (data) {
                console.log(data);
                alert("success");
            })
            .fail(function () {
                alert("error");
            });




I have tried both way to pass Authorization header in ajax request.

1.var basStr = window.btoa("ClientId") + ":" + window.btoa("ClientSecret")

And

 2.var basStr ="
ClientId:ClientSecret"
But After both effort I got same response as an error: -

Error:- invalid_client




Please suggest what I missed in my code, Or what i need to follow for getting Auth Token.

TIA
Regard's
Ravinder Singh
Photo of Ravinder Singh

Ravinder Singh

  • 80 Points 75 badge 2x thumb

Posted 1 year ago

  • 1
Photo of Ifti

Ifti, Product Manager

  • 6,202 Points 5k badge 2x thumb
Hi Ravinder,

From your codes, it seems like you're sending the "params" in the URL instead of the body.
     url: "https://identity.reckon.com/connect/token?"; + $.param(params),


Please refer to the "Body" section of the doc (excerpt from the link):

The typical URL call is the following:

 URL 

https://identity.reckon.com/connect/token

Type

POST

Body

grant_type=authorization_code&code=<<CODE>>&redirect_uri=<<REDIRECT URI>>

Headers

Content-Type = application/x-www-form-urlencoded

Authorization: Basic <<CLIENTID:CLIENTSECRET ENCODED IN BASE64>>

After this call is successfully sent, the response will include an access token and refresh token. Once you have obtained this you can use the refresh token to obtain new access tokens without the user having to input their credentials again.

 

For example if your client id is 1234 and your secret is 5678 the correct authorization header is Authorization: Basic <<1234:5678 ENCODED IN BASE64>>


Please give that a try and let us know the outcome.


Thanks

Ifti   
Photo of Ravinder Singh

Ravinder Singh

  • 80 Points 75 badge 2x thumb
Hi Ifti   ,

I have just tried which you suggested but still getting same error. I have few queries again may be they will resolve my problem:-

1.I am making ajax(jquery) request for getting token. Is it okay make ajax request for getting token ?

2.I am converting client Id and Client  Secret with following way( I have tried both So I just want to share with you)

//window.btoa is using for coverting string to base64
 
          1st Approach

              var str=window.btoa(clientId)+":"+window.btoa(ClientSecret);
 
          2nd Approach

               var  client= clientId+":"+ClientSecret

               var str=window.btoa(client);

         3rd Approach without converting to base64

              var str= clientId+":"+ClientSecret.

3.below is my complete code again please verify.


     var  client= clientId+":"+ClientSecret


            $.ajax({
                url: "https://identity.reckon.com/connect/token?";,
                beforeSend: function (xhrObj) {
                    xhrObj.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
                    xhrObj.setRequestHeader("Authorization", "Basic " +window.btoa(client));
                    // Request headers                  
                },
                type: "POST",
                // Request body
                data: JSON.stringify($.param(params)),
            })
            .done(function (data) {
                console.log(data);
                alert("success");
            })
            .fail(function () {
                alert("error");
            });


Please review the code and tell where I am wrong ?
Photo of Simon Hutchinson

Simon Hutchinson, Employee

  • 2,392 Points 2k badge 2x thumb
Hi Ravinder,

1. Yes its ok to use JQUERY

2. One thing you can try is as a test is manually encrypt into base64 at base64encode.org and try that to ensure the actual base64 code is working

Thanks

Simon H
Reckon API