© 1999-2024 RingCentral, Inc. All rights reserved.
Privacy Notice
Question
auth code flow - OAuth2::Error: invalid_client: Client authentication is required
Hi,
I am using the standard ruby [ringcentral sdk][1]
Here is how I am trying to authenticate a user using the auth code flow.
Step 1
@client ||= RingCentralSdk::REST::Client.new do |config|
config.server_url = RingCentralSdk::RC_SERVER_SANDBOX
config.app_key = "client_id"
config.app_secret = "client_secret"
config.redirect_url= "redirect_url"
end
Step 2
I provide my consent using a browser with url `@client.authorize_url`
Step 3.
I copy the code returned by the api and try to exchange it with a token like so
token = @client.authorize_code(code)
No matter what I do, I always get this error
{
"error" : "invalid_client",
"errors" : [ {
"errorCode" : "OAU-123",
"message" : "Client authentication is required"
} ],
"error_description" : "Client authentication is required"
}
Here are my Ringcentral app settings
**App Type:**
- REST API App (most common)
**Auth:**
- 3-legged OAuth flow authorization code,
- Server-side web app
**App permissions:**
- VoIP Calling
**Who will be authorized to access your app?**
- This app is public and will be callable via any RingCentral customer.
**What brand partners are available?**
- Make available to all current and future RingCentral carrier and brand partners(recommended)
I have even done several combinations of these settings to no luck
[1]: https://github.com/ringcentral/ringcentral-ruby
+3I believe you are seeing this error message because when you exchange the auth code for an access token you need to present an HTTP Authorization header that base64 encodes your client id and secret. See here:
https://developers.ringcentral.com/guide/authentication/auth-code-flow#step-3-exchange-auth-code-for-access-token
Please let me know if this successfully resolves the problem you are seeing!
+3Here are some other resources that may also be at the root cause of your issue:
* https://community.ringcentral.com/questions/8334/password-flow-errorcode-oau-123-client-authenticat.html
Thanks Byrne for the answer
However here I am using the Ringcentral SDK for authorization and exchanging the code with token. Given that it is the official library of RingCentral, I assume it should add the proper headers. I confirmed that it does by digging into the code. Here is an excerpt from the GitHub repo
def autorization_header
@token != nil ? "Bearer #{@token['access_token']}" : "Basic #{basic_key}"
end
You said that you are using the RingCentral Ruby SDK, but you did not show how you call the SDK [authorize method][1].
What is inside this method? It is not part of the SDK methods.
token = @client.authorize_code(code)
Anyway, here is an [example how to authenticate a user using 3-legged authorization][2] using the RingCentral Ruby SDK.
[1]: https://github.com/ringcentral/ringcentral-ruby/blob/master/lib/ringcentral.rb#L48
[2]: https://developers.ringcentral.com/guide/authentication/quick-start#ruby
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.