Sudden Invalid client exception while sending authorize request - OAU-255

I am using ring central for sending faxes in my organization however everything was working before 1/8/2024 but currently i am facing an invalid client exception while trying to authorize my backend app on the ring central app using jwt auth flow, although i am putting the same clientid, secret and token that was used before also my token is set to never expire, so i need to know if there is a general issue currently as i did not change anything, this is happening currently ONLY on the sandbox environment please advice

This is the error i am facing
Content: {

"error" : "invalid_client",

"errors" : " {

"errorCode" : "OAU-255",

"message" : "Access to account a] is prohibited for private application",

"parameters" : m {

"parameterName" : "account_id",

"parameterValue" : ""

} ]

} ],

"error_description" : "Access to account ] is prohibited for private application"

}

The issue is happening locally and on the deployed app, but it’s not happening when hitting the authorize end point using ring central APIs from here: https://developers.ringcentral.com/api-reference/sms-and-fax

i have also created a dev ticket about 2 days ago but no reply yet

Page 1 / 1

Please submit a dev support ticket so someone can have a look at your app and your account.

BTW, is this on production or on sandbox environment? If it’s on sandbox environment, it may relate to a known issue that private app and JWT generated for all apps under the account stops working. In that case, login the developer portal and generate a new JWT for just 1 app using that app’s client id.

@Phong1426275020
I have submitted the ticket it’s currently with #24869945
Regarding the solution you are proposing i have created a new token for only the client id of my application on sandbox environment,
also tried to create a token for all the organization apps
but still facing exactly the same exception

i got this response from support
We are aware of this issue and our Sandbox team is investigating this issue.
As a workaround for now, you can either switch the app to Public from a Private scope or give the JWT access to a particular application by specifying the client ID.

as i said for the second solution in their reply i have tried it, but for making the app public i think this may be a security concern in out team as this will affect also the production environment

One extra thing you need to change to get it work. Change the app from “Private” to “Public” and try again.

Thanks for your response, the app is used internally by my organization, how can i make it public this should be a concern, what are the drawbacks of this approach ?
@Phong1426275020

I know, this is a test app on sandbox, right? If so, changing it to “Public” temporarily for testing should be ok. The team is working to fix the issue so this is just a short term solution.

Let me know if it’s your production app and in that case, give me the app client id so I can check. So far I know that this issue is just happening on sandbox environment.

@Phong1426275020 no it’s a live app, the app is used on both sandbox and production
the sandbox environment is used on DEV and QA environments
and the settings to make the the public is global so it will affect both production and sandbox that why i am avoiding making this solution

the issue is happening in sandbox only

In that case, either you can create a new Public app just for testing on sandbox. Or you can create a new Private app for your production. That is the fastest solution for you to continue testing/developing your app on sandbox. I don’t know when the issue will be fixed for sandbox and sandbox will be going away anyway.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded