I'm trying to get an access token for a new sandbox application using JWT, however the REST API keeps responding with OAU-153 Invalid Client ID. The client ID and client secret are definitely correct, as is my JWT token. Not sure what I'm missing here.
$RC_SERVER_URL="https://platform.devtest.ringcentral.com"
$RC_CLIENT_ID="T2V..." # Copied from the app I created
$RC_CLIENT_SECRET="v8dN..." # Copied from the app I created
$RC_JWT_TOKEN = "eyJraW..." # Created under My Account > Credentials
# as per https://developers.ringcentral.com/guide/authentication/jwt-flow#technical-discussion
$splat = @{
Method = "POST"
Uri = $RC_SERVER_URL + "/restapi/oauth/token"
headers = @{
ContentType = 'application/x-www-form-urlencoded; charset=UTF-8'
Accept = 'application/json'
Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes("${RC_CLIENT_ID}:${RC_CLIENT_SECRET}"))
}
body = @{
grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
assertion = $RC_JWT_TOKEN
}
}
$Response = Invoke-RestMethod @splat
PS C:scriptsGet-RingCentralData> $Response = Invoke-RestMethod @splat
Invoke-RestMethod : {
"error" : "invalid_client",
"errors" : [ {
"errorCode" : "OAU-153",
"message" : "Invalid client: T2VHgSXZQ92J0lu_htr0yQ",
"parameters" : [ {
"parameterName" : "client_id",
"parameterValue" : "T2VHgSXZQ92J0lu_htr0yQ"
} ]
} ],
"error_description" : "Invalid client: T2VHgSXZQ92J0lu_htr0yQ"
}
At line:1 char:13
+ $Response = Invoke-RestMethod @splat
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
The one thing I find very confusing is when I go to Console > Apps > My New App > Credentials, the "User Credentials" section contains the dev environment's admin account with extension 101, and the info box says "use these credentials to test your app!"... well, I don't have access to that account, I want to use my own JWT to test the app. Is this what's causing me issues? Or is this just RingCentral trying to be "convenient" by showing me some credentials I could test with?
Any assistance would be greatly appreciated!