Skip to main content
To homepage To homepage
Solved

Gett error Unauthorized for this grant type

  • July 20, 2022
  • 15 replies
  • 1753 views
R

Been working on an SMS app via Python/Django. I was able to get everything running just fine with the Password based Auth Flow, however, I am looking at using JWT.

I setup a sandbox JWT credential and update my sandbox app to use the JWT. Then I copied the login script from https://developers.ringcentral.com/guide/authentication/jwt/quick-start. Just to run a quick test, I just ran this script (after updating my .env file with the the JWT credentials).

Now I get an error that "Unable to authenticate to platform. Check credentials.Unauthorized for this grant type"

I have found several articles supporting this method and all seems to be setup correctly. I did use the script from https://community.ringcentral.com/questions/106980/jwt-token-failure.html as well. This script didn't use the .env file, just entered my credentials and received the same error. I also saw and older post from 2016 suggesting there was a different test server, but I get "resource not found" when attempting to use that option. https://community.ringcentral.com/questions/301/unauthorized-for-this-grant-type.html

I am new to coding, so very well could be missing some major steps. Any suggestions on next things to read or review would be great. I have been looking at other JWT systems and it looks like maybe I am missing a step for an Authorization header? (Maybe I cannot just test using this script?)

import os
import sys

from dotenv import load_dotenv
from ringcentral import SDK

load_dotenv()


rcsdk = SDK(os.environ.get('RC_CLIENT_ID'),
             os.environ.get('RC_CLIENT_SECRET'),
             os.environ.get('RC_SERVER_URL') )
platform = rcsdk.platform()

print(platform)

try:
  platform.login(jwt=os.environ.get('RC_JWT'))
except Exception as e:
  sys.exit("Unable to authenticate to platform. Check credentials." + str(e))

print(f'Login with JWT successful.')


Thanks in advance!

Best answer by PhongVu

I use the admin tool to login your developer portal to get the app credentials and JWT token and try on my code. Works like a charm. So try this exact code.

from ringcentral import SDK


RINGCENTRAL_CLIENTID = 'Copy/paste app client id here'
RINGCENTRAL_CLIENTSECRET =  'Copy/paste app client secret here' 
RINGCENTRAL_SERVER = 'https://platform.devtest.ringcentral.com'

rcsdk = SDK( RINGCENTRAL_CLIENTID, RINGCENTRAL_CLIENTSECRET, RINGCENTRAL_SERVER)
platform = rcsdk.platform()

JWT_TOKEN = 'Copy/paste your JWT token here'

try:
    platform.login( jwt=JWT_TOKEN )
    params = {
        'dateFrom': "2022-07-01T00:00:00.000Z"
        }
    resp = platform.get('/restapi/v1.0/account/~/extension/~/message-store', params)
    for record in resp.json().records:
        print ("Message type: " + record.type)
except Exception as e:
    print ("Unable to authenticate to platform. Check credentials." + str(e))

15 replies

PhongVu
Community Manager
Forum|alt.badge.img
  • PhongVu
  • Community Manager
  • July 20, 2022

Make sure you use the correct client id and client secret of the new app that use JWT token. Also, did you update the Python SDK. Only the latest version of the SDK supports JWT token.

If this does not help, let me know the app client id.

A
  • Anonymous
  • July 20, 2022

Hi @Rob Fuller did you create the JWT Token and tie it to the application correctly? For instance, your JWT can be tied to the Application Client ID or you can choose all applications for your organization and make sure it's either for Sandbox or the Production environment and then use those credentials for RC_CLIENT_ID, RC_CLIENT_SECRET and RC_SERVER_URL.

R
  • rfuller
  • Author
  • Participating Frequently
  • July 20, 2022

Hey @Suyash Joshi. Thank you for the note. I did double check this by downloading the JSON file in the credentials area of the App that I created. I double checked that the JWT id listed there does match the JWT id that I created via the credentials. This is all in the Sandbox too.

Right now, I am just using "All Applications" to avoid any confusion while I troubleshoot the issue.

R
  • rfuller
  • Author
  • Participating Frequently
  • July 20, 2022

I verified login credentials via the JSON download on the app. I feel pretty confident about these.

I am running Python version 3.10.5 and ringcentral version 0.7.13. I did check for updates as well, but looks like that is the latest and greatest.

Client ID is sqv4GM0rTvicOlkEW_op6g


@Phong Vu sorry, forgot to tag you on my reply

E
  • ekozah2
  • New Participant
  • July 20, 2022

Hey @Rob Fuller

I suspect that the problem might be with the credentials. I copied the same code above and used it with my credentials and it worked.


E
  • ekozah2
  • New Participant
  • July 20, 2022

Also @Rob Fuller Unauthorized for this grant type means that your app key and secret are correct but the problem is with the JWT token.

E
  • ekozah2
  • New Participant
  • July 20, 2022

@Rob Fuller also make sure you changed the auth to JWT in your dev account.

R
  • rfuller
  • Author
  • Participating Frequently
  • July 21, 2022

@Elie Kozah thanks for the note. I did a quick compare today between the token shown in credentials and the one show on my account and confirmed they are the same.

Maybe a formatting issue? I have '"Appname":"key"' in my .env file.

I do see without App Name, I get "Invalid assertion signature". I assume I am formatting it correct because with the App name, i get the Unauthorized error.

R
  • rfuller
  • Author
  • Participating Frequently
  • July 21, 2022

Good to understand that side of it.

R
  • rfuller
  • Author
  • Participating Frequently
  • July 21, 2022

account-access.pngYea, I had switch it to Password for a bit to make sure something was working, but switched it back to JWT once I confirmed that the password worked.

PhongVu
Community Manager
Forum|alt.badge.img
  • PhongVu
  • Community Manager
  • Answer
  • July 21, 2022

I use the admin tool to login your developer portal to get the app credentials and JWT token and try on my code. Works like a charm. So try this exact code.

from ringcentral import SDK


RINGCENTRAL_CLIENTID = 'Copy/paste app client id here'
RINGCENTRAL_CLIENTSECRET =  'Copy/paste app client secret here' 
RINGCENTRAL_SERVER = 'https://platform.devtest.ringcentral.com'

rcsdk = SDK( RINGCENTRAL_CLIENTID, RINGCENTRAL_CLIENTSECRET, RINGCENTRAL_SERVER)
platform = rcsdk.platform()

JWT_TOKEN = 'Copy/paste your JWT token here'

try:
    platform.login( jwt=JWT_TOKEN )
    params = {
        'dateFrom': "2022-07-01T00:00:00.000Z"
        }
    resp = platform.get('/restapi/v1.0/account/~/extension/~/message-store', params)
    for record in resp.json().records:
        print ("Message type: " + record.type)
except Exception as e:
    print ("Unable to authenticate to platform. Check credentials." + str(e))
R
  • rfuller
  • Author
  • Participating Frequently
  • July 21, 2022

Still running into the error.

I created a new project and new virtual environment. Installed RingCentral and updates to PIP. Same error.

I went onto one of my virtual machines. Ran the script like you show and got the same error. Verified I am running Python V3.8.10 and RingCentral 0.7.13 on that VM as well. (Ubuntu 22.2)

I do see your successful attempts per the dashboard and I see my failed attempts. virtual-machine.png

R
  • rfuller
  • Author
  • Participating Frequently
  • July 21, 2022

In the JSON example from the credentials page, it shows "JWT Label" : "Token" is this the correct format? I am wondering if this is just a setup error since you have it working.


**Update, this is the incorrect format. Should not include the JWT label. Thanks for all the feedback

R
  • rfuller
  • Author
  • Participating Frequently
  • July 26, 2022

I found if you forget to update your server settings to the production server, you will also get this error when attempting to use the production token.

Ironically, the production Client ID, production Client Secret, and the production user name will also work with the Sandbox JWT on the sandbox server. Not sure this if only occurs after you have achieved Production Status or if that would have worked earlier as well.

This issue does still use the Sandbox phone number though. This made it a little confusing for a second until I remember to switch servers.

A
  • Anonymous
  • July 26, 2022

Ironically, the production Client ID, production Client Secret, and the production user name will also work with the Sandbox JWT on the sandbox server. Not sure this if only occurs after you have achieved Production Status or if that would have worked earlier as well.

this issue could be a bug, paging @Byrne Reese here for input.

Terms & ConditionsCookie settingsAccessibility statement
PRODUCTS
RingEX
Message
Video
Phone
OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility
QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Privacy Notice