Reckon One Error "Invalid_client" on tokenrequest

  • 1
  • Question
  • Updated 11 months ago

Dear Reckon,

 

I am facing this issue when I connect to reckon one and request for token it always return “invalid_client” kindly help.

This is my request in C#

private static string clientId = "eddded14-db13-4c61-86cd-0a85c42cbe8a";

private static string clientSecret = "84143f59-0c4e-41f2-bc8f-753be9333eec";

var code = Request.QueryString["code"];

 

public Task<HttpResponseMessage> GetToken(string code)

        {

            var client = new HttpClient();

 

            var token = string.Format("Basic {0}", Base64Encode(clientId + ":" + clientSecret));

            var uri = "https://identity.reckon.com/connect/token";

            var content = new FormUrlEncodedContent(new[]

            {

                new KeyValuePair<string,string>("grant_type","authorization_code"),

                new KeyValuePair<string,string>("code",code),

                new KeyValuePair<string,string>("redirect_uri",baseUri),

            });

             content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded");

            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, uri);

            request.Content = content;

            request.Headers.Add("Authorization", token);

            var response = client.SendAsync(request);

            return response;

        }

 

Best Regards,

Muhammad Usama
Photo of Muhammad Usama

Muhammad Usama

  • 130 Points 100 badge 2x thumb

Posted 11 months ago

  • 1
Photo of Ifti

Ifti, Product Manager

  • 6,236 Points 5k badge 2x thumb
Hi Muhammad,

Thank you for your email.

Seems like you're hitting the wrong URI.

Can you please follow the instructions from our Auth Overview section of our helpdocs?

https://reckon.helpdocsonline.com/reckon-api-authorisation-services



Excerpt from the site:

Sample HTTPS Call (Authorization Code grant type)

https://identity.reckon.com/connect/authorize?client_id=<<CLIENTID>>&response_type=c... URL>>&state=random_state&nonce=random_nonce

Obtaining a access token and refresh token
Once you have received a code from the identity server, this code can be used to obtain a access token and refresh token. To do that requires a second call to the identity server via HTTPS
 

Typical token request call

The typical URL call is the following:


URL: https://identity.reckon.com/connect/token

Type: POST

Body: grant_type=authorization_code&code=<<CODE>>&redirect_uri=<<REDIRECT URI>>

Headers: 
Content-Type = application/x-www-form-urlencoded
Authorization: Basic <<CLIENTID:CLIENTSECRET ENCODED IN BASE64>>

After this call is successfully sent, the response will include an access token and refresh token. Once you have obtained this you can use the refresh token to obtain new access tokens without the user having to input their credentials again.

 
For example if your client id is 1234 and your secret is 5678 the correct authorization header is Authorization: Basic <<1234:5678 ENCODED IN BASE64>>
 

Typical refresh token request call
(access token expires after 60 mins so always request for refresh token for any new session)

To use the refresh token to obtain a new access token, you need to send another call to the service. The typical call is as follows:

 

URL: https://identity.reckon.com/connect/token

Type: POST

Body: grant_type=refresh_token&refresh_token=<<REFRESH TOKEN>>&redirect_uri=<<REDIRECT URI>>

After this call is successfully sent the response will again include a access token (which is used to access the API) and a refresh token which can be used in the future to obtain another access token. The refresh token should always be recorded to ensure that you can get a updated token without the users interaction.

I hope it helps.

Thanks

Ifti
Reckon API Team 
Photo of Muhammad Usama

Muhammad Usama

  • 130 Points 100 badge 2x thumb
Hi Iffti,

my request is for AuthToken i am getting the code from this step 
Sample HTTPS Call (Authorization Code grant type)
and next i am calling this step
Typical token request call
and it says always "invalid_client"
please help
Photo of Ifti

Ifti, Product Manager

  • 6,236 Points 5k badge 2x thumb
Hi Muhammad,

Thanks for the info.

Can you please capture the URL when you're requesting for access token? I need to check that to see if there's anything wrong in it.

Thanks

Ifti
Photo of Muhammad Usama

Muhammad Usama

  • 130 Points 100 badge 2x thumb
Hi Ifti,

First url i am getting from Authorization_code is :
http://localhost:955/?code=8ddf0318329ae709258cf9abe140102a&state=random_state&session_state...
Second Request Snap :
Photo of Ifti

Ifti, Product Manager

  • 6,236 Points 5k badge 2x thumb
Hi Muhammad,

Thanks for that.

I'm emailing you the new ClientSecret. Please try that one.

I'm not adding it here for security/privacy.

Thanks

Ifti
Photo of Muhammad Usama

Muhammad Usama

  • 130 Points 100 badge 2x thumb
Hi Iffti,
Thanks for the support now i am getting token.
But now there is the same issue with
Typical refresh token request call
it says "invalid_client" here is my request plz help
Photo of Shane

Shane, Employee

  • 7,388 Points 5k badge 2x thumb
Hi Muhammad,

A refresh token can only be used once.  If you have used a refresh token already it will no longer work.  But you do get a new refresh token each time you do a refresh. 

Start by making a standard token request, this will give you the access token and refresh token.  Test making a refresh token request using Postman using the new refresh token to get a new access token and refresh token.  If this works, try making another refresh token request with your application using the new refresh token you got in the Postman test.

If you are still having trouble, make another standard token request, and email us the refresh token to reckonapi@reckon.com.  Don't post it here(as we want to make sure no one has used it), and don't try to use it, just give it to us so we can test it.  And you can just notify us here that you have emailed it through.

Regards,
Shane
Reckon API Team.