Nitin Singh avatar image
Nitin Singh asked Byrne Reese commented

Facing Issue in Auth2.0 PKCE


We are performing Auth2.0 PKCE for authorization purposes. As per the documentation following all the processes.

1. Generate Verify and challenge for PKCE

2. User login and consent

The above two processes are done, successfully.

When we are performing

3. Exchange auth code for an access token

The error we are getting is :

  "error": "invalid_client",
  "errors": [
      "errorCode": "OAU-123",
      "message": "Client authentication is required"
  "error_description": "Client authentication is required"

//Pasting my return URI Code Below, Please let me know what we need to do in order to resolve the issue

It's a PHP code,


$code = $_REQUEST['code'];
$state = $_REQUEST['state'];

if ($code)

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, "");
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, "code=$code&grant_type=authorization_code&client_id=<client-id>&code_verifier=LQCmsfhneP9_R2jQ85En9RO--ohyrIKmej3rpocjjaE&redirect_uri=https://my.callback/listener_ringcentral.php");
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
        'Content-Type: application/x-www-form-urlencoded'

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        $server_output = curl_exec($ch);
    catch(Exception $e)
        echo '<pre>';

    // Further processing ...
    echo '<pre>';
    if ($server_output == "OK")
        echo '<pre>';
        echo 'Failed CURLLLLL';

developer sandboxoauth2
1 comment
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

I provided a complete end-to-end working example of PKCE auth in PHP below. I am trying to ascertain what you did wrong though. It is difficult without seeing how the code challenge and verifier were generated. They are derived from each other. One challenge I had was persisting the code verifier through the asynchronous auth process. Can you share your full code sample?

1 Like 1 ·
Suyash Joshi avatar image
Suyash Joshi answered

Hi @Nitin Singh, If you are able to able to perform the 1st two steps as mentioned and are only stuck on Step 3, then please refer to this guide to understand how to create the request for the same. Make sure your Authorization Header is base 64 encoded string for Client ID and Secret in the correct format.

Also, consider using the RingCentral's PHP SDK which might make the job easier for you, and tutorial you might find helpful.

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Byrne Reese avatar image
Byrne Reese answered

@Nitin Singh So I put together a better PHP PKCE example for you. I will let the code speak for itself and assume you can follow along reasonably well. I will be adding this to the documentation soon, providing a lot more detail and example code around using PKCE auth.

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys