"Invalid resource owner credentials" for Password Flow via Postman

  • 1 June 2019
  • 2 replies

I have an app with Platform type as "Password Flow: and "Refresh Token" . I am using postman to access token and I get below error.

  "error": "invalid_grant",
  "error_description": "Invalid resource owner credentials",
  "errors": [
    {"errorCode": "OAU-140","message": "Invalid resource owner credentials"}

Below is what I have tried:

  1. along with parameters - username, password, extension and grant_type=password.
  2. Auth - Auth Basic used username = Client_id and password =Client Secret.

I do see authentication is added in header.

I have tested auth using the link below, using the same parameters and client id/secret.!/Authentication/oauth_token_post

Could you please help me in fixing the error.

Kindly let me know if I am using incorrect method.

Thank you.

2 replies

First of all you need to keep in mind that in body, we need to pass the parameters in following way :

username=<account phone number>&password=<account password>&extension=<your extension>&grant_type=refresh_token&refresh_token=<the refresh token generated>

username should be the phone number

In header part

"Authorization",:"Basic <ClientID:ClientSecret in base 64> 

You need to convert ClientID and ClientSecret into base64.

Remaining all seems fine.

Make sure you have done the same

This occurs due to invalid username or password please check it my case I'm faced this issue sharing the screenshot here