question

Mousa Khalil avatar image
Mousa Khalil asked Phong Vu commented

OAU-251 error - Unauthorized for this grant type

I want to generate a JWT for my users, hence, I used the following endpoint alongside the appropriate headers and body, but in order to provide the main JWT for the assertion I was required to created manually for the account. How could I automate it, so that I can create any JWTs using API requests? I tried using password grant_type but it did not work, and throws an OAU-251 error - Unauthorized for this grant type.

Sandbox # +12678284935
Client ID jfEaGJSpQgaMYwr8Q-O1Zg


The following code snippet works fine, but I want to automatically generate the main JWT. 

def getAccessToken(username, extension, password, server, client_id, client_secret):
    url = f"{server}/restapi/oauth/token"
    data = {
        "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
        "username": f"{username}*{extension}",
        "password": password,
        "assertion":"eyJraWQiOiI4NzYyZjU5OGQ..."
    }
    
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "Authorization": "Basic " + base64.b64encode(f"{client_id}:{client_secret}".encode("utf-8")).decode("utf-8")
    }
    
    res = requests.post(url, headers=headers, data=data)
    return (res.json())


authenticationoauthoauth2
1 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Phong Vu avatar image
Phong Vu answered Phong Vu commented

Please refer to our Dev Guide documentation for instruction how to authenticate with a JWT token. The body data does not take others than just the grant_type and the assertion.

2 comments
1 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Mousa Khalil avatar image Mousa Khalil commented ·

My bad I forgot to remove both of username, and password, however, my issue is with the assertion that I need to get the application level JWT manually. Is there a way to get it via API?

Furthermore, I want to authenticate my normal users! to use ringcentral but through our integration is there a way to do it using JWT, and or password or do we need to use 3-legged OAuth flow authorization code.?

0 Likes 0 ·
Phong Vu avatar image Phong Vu ♦♦ Mousa Khalil commented ·

There is no API to generate a JWT token. If your app is a public app and it supports JWT token authentication, the only way is to public your public app client id and any user who uses your app will generate a JWT token against your app client id and provide you the JWT token. Otherwise, implement a 3-legged authorization flow and handle the tokens to keep it valid until the user logs out.

0 Likes 0 ·

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys