Using JWT to request an access token as explained at https://developers.ringcentral.com/guide/authentication/jwt-flow#technical-discussion does not work. I created an application in Sandbox with "Read Accounts" permissions and a JWT for "all apps belonging to my organization" and followed the instructions in the documentation above. When I POST to https://platform.devtest.ringcentral.com/restapi/oauth/token as shown in the example, I get 400 invalid request and errorCode OAU-250 "Unsupported grant type". I have tried it with both Postman and curl and get the same error. I have properly base64-encoded the Client ID and Secret with a ":" between them (I've done this with other APIs on other platforms and know the routine). I added the Content-Type as shown in the example, added the JWT to the body, etc. I've deleted and regenerated the JWT numerous times as well as the applications. It does not work. Is the JWT authorization flow one that we can actually use? Or is it reserved from some special, unnamed APIs or authorization servers? It doesn't work in the Sandbox.
Best answer by laurenra
View original