Skip to main content
To homepage To homepage
Question

Console app trying to JWT authorize in the sandbox and getting Unauthorized for this grant type

  • February 27, 2022
  • 3 replies
  • 775 views
A

I swear I set it up right, but it's failing, and I can't figure out where to look. Using C# and latest SDK.

Using Fiddler, I see that the call to https://platform.devtest.ringcentral.com/restapi/oauth/token, with this info:

grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJraWQiOiI4NzYyZjU5OGQwNTk0NGRiODZiZjVjYTk3ODA0NzYwOCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0..... (not putting the whole token here, but it's in the parms).

Says it's using TLS1.2, so that's right. Returns:

{
  "error" : "unauthorized_client",
  "errors" : [ {
    "errorCode" : "OAU-251",
    "message" : "Unauthorized for this grant type"
  } ],
  "error_description" : "Unauthorized for this grant type"
}

App is set up to use JWT (I also tried setting to password auth with the right user/ext/password and that returned the same outcome). The JWT token is correct. What did I do wrong? Once the 400 happens, authorize call hangs.

Thanks in advance.

3 replies

PhongVu
Community Manager
Forum|alt.badge.img
  • PhongVu
  • Community Manager
  • February 28, 2022

Before investigating your case, can you give me the app client id so I can have a look at the app settings.

PhongVu
Community Manager
Forum|alt.badge.img
  • PhongVu
  • Community Manager
  • February 28, 2022

Can you try it now. I changed the app scope from public to private as the JWT was personal and the platform type is server-only. Let me know if your app must be a public app.

A
  • ajfeibus
  • Author
  • New Participant
  • February 28, 2022

Halfway there maybe.

Getting a 200 response with a token, so that part looks right (see below). But, the .Authorize call

rc.Authorize(ConfigurationManager.AppSettings["RC Token"]).Wait();

isn't coming back from the Wait() still. What else is it waiting on?

The plan is that this customer is the only one to ever run it, so private is perfect.

In case you need it, Fiddler shows the response came back with something like this:

{
  "access_token" : "U0pDMTJQMDFQQVMw....",
  "token_type" : "bearer",
  "expires_in" : 3600,
  "refresh_token" : "U0pDMTJQMDFQQVMw....",
  "refresh_token_expires_in" : 604800,
  "scope" : "Faxes",
  "owner_id" : "714822005",
  "endpoint_id" : "y-janHULTiaQuTUOmX6gbg"
}
Terms & ConditionsCookie settingsAccessibility statement
PRODUCTS
RingEX
Message
Video
Phone
OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility
QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Privacy Notice