Skip to main content

Issue with OAUTH flow

  • 11 January 2017
  • 5 replies

I am trying to use the OAUTH flow.

I am using the AppKey as my AuthId.

I am receiving this error:

errorCode" : "TokenInvalid", "message" : "Unparseable access token",

I have been posting to the restapi/oauth/authorize address both with and without credentials. WI am using my appkey and appsecret for credentials.

This is the content I am posting:


Any thoughts on why I am receiving this TokenInvalid message?

5 replies

It means the token you are presenting to the /restapi/oauth/authorize endpoint is not in a valid format.

Here are several examples of how to use Authorization Flow in a variety of languages:
Also, make sure your application is set to use "Authorization Flow".

Which language are you developing with please?
You shouldn't post to /restapi/oauth/authorize, you should redirect user to that page instead. And user login RingCentral and authorize your app.   Ref:

Once user authorized your app, the page will be redirected to your own page, where you can get an autoCode and post to /restapi/oauth/token to get access_token.  Ref:
I trying to use RingCentral in my app.
So I followed and I can login with RingCentral Login PopUp but popup doesn't close after login.
And Auth code is returned in PopUp Modal so I can't get the auth code in my app(main browser).
And then How can I get the access token from auth code?
I called the API( with returned code but it says "error": "invalid_client".

please help me.
Question: So I followed and I can login with RingCentral Login PopUp but popup doesn't close after login.

AK: Could you please post the redirect code that you are using? By that I mean the code where you have implemented the popup. 

Question: I called the API( with returned code but it says "error": "invalid_client".

AK: Could you please make sure the HTTP request headers and the Body resemble the one given here: Get Token

Steps to Authorize using the OAuth2.0 
  1. Redirect the user to the Login Popup Page and once you receive the authorization code you would be redirected to your Original Page.
  2. Use the Auth Code to exchange for tokens ( access token/refresh token )  Get Token

We have a sample demo which you could refer to for:

The Authorization Code Flow, also referred to as a "3-legged authorization flow," is the most recommended approach of authenticating RingCentral users and every public apps follow this process.

It exchange to code token with access token.

Here is complete official docs with steps helps user to follow and understand the process:

Sample request:

POST /restapi/oauth/token
Accept: application/json 
Content-Type: application/x-www-form-urlencoded 
Authorization: Basic cmVsLWFsbC1wZXJtaXNzaWXFjMmpRZmlQcnlkSUkweE92QQ==code=U0pDMTFQMDFQQVMwMXxBQUJfTVpHWk5lM29zNVFmWnNHQ01MSmJuMHJmNGlRcnRaeEptTWlPS0MzUTdYRDdSTURiaHBuWHZINGM2WTdqaWlBOEVhRHNxRWdJVUNYQjd4dmJsWHJoVVlWQVN2SFo2YWJPanJsRkFWZk9SMm5lek0tWnF5d3h8C3AnYOPxO0flEwO6Ffoq9Tlqs1s&grant_type=authorization_code&              

Hope this will help
