Reckon One Error "Invalid_client" on tokenrequest

Muhammad Usama
Muhammad Usama Member Posts: 6
edited February 2020 in Reckon API

Dear Reckon,

 

I am facing this issue when I connect to reckon one and request for token it always return “invalid_client” kindly help.

This is my request in C#

private static string clientId = "eddded14-db13-4c61-86cd-0a85c42cbe8a";

private static string clientSecret = "84143f59-0c4e-41f2-bc8f-753be9333eec";

var code = Request.QueryString["code"];

 

public Task<HttpResponseMessage> GetToken(string code)

        {

            var client = new HttpClient();

 

            var token = string.Format("Basic {0}", Base64Encode(clientId + ":" + clientSecret));

            var uri = "https://identity.reckon.com/connect/token";

            var content = new FormUrlEncodedContent(new[]

            {

                new KeyValuePair<string,string>("grant_type","authorization_code"),

                new KeyValuePair<string,string>("code",code),

                new KeyValuePair<string,string>("redirect_uri",baseUri),

            });

             content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded");

            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, uri);

            request.Content = content;

            request.Headers.Add("Authorization", token);

            var response = client.SendAsync(request);

            return response;

        }

 

Best Regards,

Muhammad Usama

Comments

  • Ifti
    Ifti Reckon Staff Posts: 258 Reckon Staff
    edited February 2019
    Hi Muhammad,

    Thank you for your email.

    Seems like you're hitting the wrong URI.

    Can you please follow the instructions from our Auth Overview section of our helpdocs?

    https://reckon.helpdocsonline.com/reckon-api-authorisation-services



    Excerpt from the site:

    Sample HTTPS Call (Authorization Code grant type)

    >&response_type=code&scope=openid+read+write+offline_access&redirect_uri=<<REDIRECT">https://identity.reckon.com/connect/authorize?client_id=<<CLIENTID>>&response_type=c... URL>>&state=random_state&nonce=random_nonce

    Obtaining a access token and refresh token
    Once you have received a code from the identity server, this code can be used to obtain a access token and refresh token. To do that requires a second call to the identity server via HTTPS
     

    Typical token request call

    The typical URL call is the following:


    URL: https://identity.reckon.com/connect/token

    Type: POST

    Body: grant_type=authorization_code&code=<<CODE>>&redirect_uri=<<REDIRECT URI>>

    Headers: 
    Content-Type = application/x-www-form-urlencoded
    Authorization: Basic <<CLIENTID:CLIENTSECRET ENCODED IN BASE64>>

    After this call is successfully sent, the response will include an access token and refresh token. Once you have obtained this you can use the refresh token to obtain new access tokens without the user having to input their credentials again.

     
    For example if your client id is 1234 and your secret is 5678 the correct authorization header is Authorization: Basic <<1234:5678 ENCODED IN BASE64>>
     

    Typical refresh token request call
    (access token expires after 60 mins so always request for refresh token for any new session)

    To use the refresh token to obtain a new access token, you need to send another call to the service. The typical call is as follows:

     

    URL: https://identity.reckon.com/connect/token

    Type: POST

    Body: grant_type=refresh_token&refresh_token=<<REFRESH TOKEN>>&redirect_uri=<<REDIRECT URI>>

    After this call is successfully sent the response will again include a access token (which is used to access the API) and a refresh token which can be used in the future to obtain another access token. The refresh token should always be recorded to ensure that you can get a updated token without the users interaction.

    I hope it helps.

    Thanks

    Ifti
    Reckon API Team 
  • Muhammad Usama
    Muhammad Usama Member Posts: 6
    edited February 2020
    Hi Iffti,

    my request is for AuthToken i am getting the code from this step 
    Sample HTTPS Call (Authorization Code grant type)
    and next i am calling this step
    Typical token request call
    and it says always "invalid_client"
    please help

  • Ifti
    Ifti Reckon Staff Posts: 258 Reckon Staff
    edited January 2018
    Hi Muhammad,

    Thanks for the info.

    Can you please capture the URL when you're requesting for access token? I need to check that to see if there's anything wrong in it.

    Thanks

    Ifti
  • Muhammad Usama
    Muhammad Usama Member Posts: 6
    edited January 2018
    Hi Ifti,

    First url i am getting from Authorization_code is :
    http://localhost:955/?code=8ddf0318329ae709258cf9abe140102a&state=random_state&session_state...
    Second Request Snap :
    image
  • Ifti
    Ifti Reckon Staff Posts: 258 Reckon Staff
    edited January 2018
    Hi Muhammad,

    Thanks for that.

    I'm emailing you the new ClientSecret. Please try that one.

    I'm not adding it here for security/privacy.

    Thanks

    Ifti
  • Muhammad Usama
    Muhammad Usama Member Posts: 6
    edited January 2018
    Hi Iffti,
    Thanks for the support now i am getting token.
    But now there is the same issue with
    Typical refresh token request call
    it says "invalid_client" here is my request plz help
    image
  • Shane_6461899
    Shane_6461899 Reckon Staff Posts: 339 Reckon Staff
    edited January 2018
    Hi Muhammad,

    A refresh token can only be used once.  If you have used a refresh token already it will no longer work.  But you do get a new refresh token each time you do a refresh. 

    Start by making a standard token request, this will give you the access token and refresh token.  Test making a refresh token request using Postman using the new refresh token to get a new access token and refresh token.  If this works, try making another refresh token request with your application using the new refresh token you got in the Postman test.

    If you are still having trouble, make another standard token request, and email us the refresh token to reckonapi@reckon.com.  Don't post it here(as we want to make sure no one has used it), and don't try to use it, just give it to us so we can test it.  And you can just notify us here that you have emailed it through.

    Regards,
    Shane
    Reckon API Team.