Store external access token fails with error "invalid_client"

Not applicable

I want to store an external access token.Even though i am passing the correct client_id it is throwing error

{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}
I am using client_credential grant type.


<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OAuth-v2-StoreExternal-Access-Token">
    <DisplayName>OAuth v2-StoreExternal-Access-Token</DisplayName>
    <Properties/>
    <Attributes/>
    <ExternalAccessToken>request.queryparam.external_access_token</ExternalAccessToken>
    <ExternalAuthorization>true</ExternalAuthorization>
    <Operation>GenerateAccessToken</Operation>
    <GenerateResponse enabled="true">
        <Format>FORM_PARAM</Format>
    </GenerateResponse>
    <ReuseRefreshToken>false</ReuseRefreshToken>
    <StoreToken>true</StoreToken>
    <SupportedGrantTypes>
        <GrantType>client_credentials</GrantType>
    </SupportedGrantTypes>
    <Tokens/>
</OAuthV2>

Please Help!!!
0 11 461
11 REPLIES 11

Not applicable

How are you passing the client_id?
Can you post the API?

Not applicable

Hi @shubham singh,

Did you check this page http://docs.apigee.com/api-services/content/use-third-party-oauth-system ?

Copying the section where it says client_id should be sent as x-www-form-urlencoded data.

 Important to note: Normally, with the client credentials grant type, you need to provide a Basic Authentication header with the encoded Client ID and Client Secret. However, in this case, you do not need to provide that header. Note that the client_id is still expected in the request and will be validated. By default, Edge expects the client_id to be sent as x-www-form-urlencoded data.

Example curl:

curl https://testmyapiii-test.apigee.net/oauth-delegated/generatetoken?external_access_token=123456 -d 'client_id=sxnS7SddD6494Akbqk74ej4SmvvqjL0O&grant_type=client_credentials'

@Maruti Chand yes, i did check the doc,even in both the cases i am getting the same error.

One clarification

i have created a product and added this proxy.using this product only i am using its client_id and passing it in the queryparam and external_access_token i am passing some random number

am i doing correct?is the client_id which i am passing correct?

2nd case:-

From another proxy i generated the access token using client_credential grant.The token which i generated the same token i used for this proxy to store it with the same client id which i used for generating the token.Then also i am facing the same issue:-


{"ErrorCode":"invalid_client","Error":"Client identifier is required"}

Correct me if i am wrong

@shubham singh Can you set <ExternalAuthorization> element set to false in your policy and pass the client_id as mentioned in the example.

@Maruti Chand i did the same thing which u told.Still facing the same issue

request-config.pngresponse-console.png

@shubham singh Everything looks good except the client_id, Are you sure your client_id is same as the one I have in my example? Can you update the below curl with the correct client_id and try?

curl -v http://pacemakershubham-test.apigee.net/3rdpartyoauth/generatetoken?external_access_token=123456 -d 'client_id=sxnS7SddD6494Akbqk74ej4SmvvqjL0O&grant_type=client_credentials'

@Maruti Chand yes i tried with the same client_id which you mentioned.Attaching the screenshot for your reference.Still facing the same issue.externalacesstoken.png

@shubham singh Why are you using the client_id in the example, thats a dummy one? Pls,use your client id.. You are doing the same mistake...

@Maruti Chand Now i used my own client id still facing the same issue

@Dino could you provide your comments on this?