Using JWT to request an access token as explained at https://developers.ringcentral.com/guide/authentication/jwt-flow#technical-discussion does not work. I created an application in Sandbox with "Read Accounts" permissions and a JWT for "all apps belonging to my organization" and followed the instructions in the documentation above. When I POST to https://platform.devtest.ringcentral.com/restapi/oauth/token as shown in the example, I get 400 invalid request and errorCode OAU-250 "Unsupported grant type". I have tried it with both Postman and curl and get the same error. I have properly base64-encoded the Client ID and Secret with a ":" between them (I've done this with other APIs on other platforms and know the routine). I added the Content-Type as shown in the example, added the JWT to the body, etc. I've deleted and regenerated the JWT numerous times as well as the applications. It does not work. Is the JWT authorization flow one that we can actually use? Or is it reserved from some special, unnamed APIs or authorization servers? It doesn't work in the Sandbox.
And yes, when I created the app, I marked "JWT auth flow" instead of "3-legged OAuth flow authorization code".
The problem is that you created a public app "All APIs JWT Test" and you select the "Personal JWT". I change your app scope to "Private" now. Try it again.
Hi @Lauren Anderson here is a sample project on GitHub that you can clone/download and run it. Just make sure to update the .env file with your credentials including JWT and it should work: https://github.com/suyashjoshi/ringcentral-node-auth-jwt
Thank you Phong, Yatin and Suyash. Those examples all worked. The problem wasn't public or private. The problem I had was that I didn't URL encode the grant_type and assertion. I was sending (wrong):
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
instead of (right):
grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer
And when I ran it in Postman, I also incorrectly set the Body to use "form-data" instead of "x-www-form-urlencoded" (which URL encodes the value for grant_type and assertion). Thank you for the excellent responses.
glad you figured it out!
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.