If you are receiving a “Client authentication is required” error, for example:

{
"error": "invalid_client",
"errors": s{
"errorCode": "OAU-123",
"message": "Client authentication is required"
}],
"error_description": "Client authentication is required"
}

Then it is possible your application is configured as a client-side app, but has not implemented tPKCE authentication]i1] properly. To see if this applies to you, log into the Developer Console, navigate to the settings page for the application in question, and scroll down to the Auth section. If your app has "3-legged OAuth flow authorization code" selected, and "Client-side web app, e.g. SPA, Javascript" selected as well, then chances are you are not transmitting the code verifier and challenge properly.

!/4692-screen-shot-2023-10-06-at-42001-pm.png]p2]

Test this hypothesis by changing "From what type of app will you be calling the API?" to "Server-side web app (most common)." If the error goes away, then you have your smoking gun.

The solution will require you to read up on PKCE and implement your code verifier and challenge correctly. This is made much easier if you use one of RingCentral's SDKs.


>1]: https://developers.ringcentral.com/guide/authentication/auth-code-pkce-flow
>2]: https://uploads-us-west-2.insided.com/ringcentral-en/attachment/4692_screen-shot-2023-10-06-at-42001-pm.png