News & Announcements User Community Developer Community

Welcome to the RingCentral Community

Please note the community is currently under maintenance and is read-only.

Make sure to review our Terms of Use and Community Guidelines.
  Please note the community is currently under maintenance and is read-only.
Home » Developers
after successfully authenticated with api, i am getting error code CMN-102
Tags: getting started
Sep 22, 2016 at 6:33am   •   12 replies  •  0 likes


Last 3 days, i am trying to access call logs from api using sandbox credentials but getting errors.

I get error of Invalid Authorization header when i am trying to access from PHP curl query.

Even i successfully authenticated with apis and get access token.

$headers = array( 'Accept: application/json',

'Authorization: Bearer' . $_SESSION['access_token']


curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);


Kindly tell me how to get call logs from api using PHP curl script


Ajay Gupta

12 Answers
answered on Jun 22, 2017 at 11:34am  

You would need to use the appKey and appSecret for the PROD Environment also, you would need to use the Production Credentials. 

Meanwhile, could you confirm if the server URL for PROD Environment is:

answered on Jun 22, 2017 at 8:59am  

Need your help we are in production
according to dashboard => credentials section,
we have just changed sandbox credentials with production credentials  in above code and getting Invalid resource owner credentials.

output is 

{ "error" : "invalid_grant", "error_description" : "Invalid resource owner credentials", "errors" : [ { "errorCode" : "OAU-140", "message" : "Invalid resource owner credentials" } ] }
Uh oh, that did not work the way we expected.

What could be the reason for that or what should i need to change?

answered on Jun 16, 2017 at 12:07pm  
Hi Jerry,

Could you confirm if the application name on RingCentral is: CVMTest2

Per the latest screenshot of your App Analytics:

Your application has 4xx errors  with the below endpoints:

1.) /account
2.) extension/ringout

Make sure you reduce the number of errors on the API calls and you should be able to 'Apply for Graduation'

answered on Jun 16, 2017 at 6:30am  
hi AK
this sample code is very successful for me and according to my requirement.
i have updated these variables as well with my sandbox credentials 
    $appSecret = '{{REPLACE_WITH_YOUR_APP_SECRET}}';
    $server = '';
    $username = '{{REPLACE_WITH_YOUR_USERNAME}}';
    $password = '{{REPLACE_WITH_YOUR_PASSWORD}}';

same as above sample code i have changed end url according to application need, 
with these urls m was successful. 

//$callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/extension/~/active-calls/" );
//$callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/" );
//$callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/extension/~/authz-profile/" );

but now with this end url it is not working.
$callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/call-log/" );

with above sample code OUTPUT is 

Encoded API Keys: WGNhdVJ4V3NUZkdEcTFucldGYW9qZzpRTnZsOHBsY1FKT3FBY1N2RXNqODFRV04wMTRvMVNUdGFqNzB0cmV0Ynk5QQ==Preparing API Request... Preparing Auth request... Uh oh, that did not work the way we expected.

my app API permissions are
- Read Accounts
-Read Call Log

Application Type (Private)
Platform Type (Server-Only NoUI)

Now i hit again (after 1 minute = 10 ) index.php every time m getting above OUTPUT.

Kindly tell me How i can get successful response as before with different end api url. is it different requirements for different url ?

also i need to hit this url through cron after a 5 minutes in future with production link. it should response every time.

see attachment for need to cover end url.

answered on Jun 15, 2017 at 4:59pm  
The above code is a sample code and I am not sure what exactly your application on RingCentral is doing. 

However, you would need to build an application on your side ( please keep in mind that the above code is a sample code ) and make sure that your application exercises all the API permissions on your application and post which your application would be graduated to Production once you have met all the criteria's. 

GET -extension/authz-profile is basically used to get the permissions assigned to the User. 

If you have any further doubts, you could refer to our Graduation Criteria here:

answered on Jun 15, 2017 at 1:43pm  
according to these steps, it's working fine getting response as well. i am using end point 
$callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/extension/~/authz-profile/" );

during execution it display 

"";, "id" : "UserInfo" }, "effectiveRole" : { "uri" : "";, "id" : "1" }, "scopes" : [ "AllExtensions" ] }, { "permission" : { "uri" : "";, "id" : "Users" }, "effectiveRole" : { "uri" : "";, "id" : "1" }, "scopes" : [ "UserExtensions" ] } ] }
Uh oh, we should have had a records property.

why it print  "Uh oh, we should have had a records property."
and when i hit again index.php  it display 

Preparing API Request... Preparing Auth request... Uh oh, that did not work the way we expected.

after a time i hit again it print half response and then say "Uh oh, we should have had a records property."

kindly tell me how i can resolve it.

also why i need to hit end point  - extension/authz-profile  in developer portal it display x 
i need only (  Call-Log API Endpoint, active-calls API Endpoint) only. due to this i can't met all the graduation requirements for production.


answered on Jun 15, 2017 at 12:10pm  
The above code was updated a while ago and let's go step by step:

1.) You would need to update the Configuration Variables first:
    $appKey = '{{REPLACE_WITH_YOUR_APP_KEY}}';
    $appSecret = '{{REPLACE_WITH_YOUR_APP_SECRET}}';
    $server = '';
    $username = '{{REPLACE_WITH_YOUR_USERNAME}}';
    $password = '{{REPLACE_WITH_YOUR_PASSWORD}}';
The appKey and appSecret could be found on your application on the Developer Portal . The $username and $password are your sandbox credentials that you would need to login to the Service web on Sandbox:  ( this is different from your Production credentials )  You can find it on the Developer Portal -> Navigate to Application -> Sandbox Credentials

 2.) Per the code, it looks like you are trying to use the Call-Log API Endpoint. please make sure you have existing call log records by logging into Service web on Sandbox 

You can make inbound or outbound calls on the sandbox number to generate call logs. You can also use our RingCentral Softphone application to login and make and receive phone calls on the sandbox 

3.) Run 'php  index.php' ( assuming you have named the file as index.php )

However, we have a much simpler code if you are planning to use our official PHP SDK here:

Please take a look at Demo folder to know more.


answered on Jun 15, 2017 at 11:40am  
Thanks for reply
i was got the response successfully at that time, but at now again getting no response from the api. in app analytics show me successful hit increase as well.  

when i hit the php file, it just show this output again, same as before.

Encoded API Keys: <<EncodeKeys>>==Preparing API Request... 
Preparing Auth request...
Uh oh, that did not work the way we expected.

is it any rate limit issue ? if it is after 60 sec, it should be working.

answered on Jun 15, 2017 at 11:28am  
Hi Jerry,

Could you please provide the API Request and the Response. Also, may I know what is the API endpoint that you are calling. 

answered on Jun 15, 2017 at 8:18am  
i have use this code stuff but nothing response i am getting from this script,i have changed user name password and key,secret etc. please help what i am missing in this file. this file i have executed from from local server.

answered on Sep 22, 2016 at 9:35am  
<?php    // Configuration vars
    $appKey = '{{REPLACE_WITH_YOUR_APP_KEY}}';
    $appSecret = '{{REPLACE_WITH_YOUR_APP_SECRET}}';
    $server = '';
    $username = '{{REPLACE_WITH_YOUR_USERNAME}}';
    $password = '{{REPLACE_WITH_YOUR_PASSWORD}}';

    // Responses
    $myToken = null;
    $myCallLogs = null;

    // Base64 Encode appKey:appSecret
    $rawApiKeys = $appKey . ':' . $appSecret;
    $encodedApiKeys = base64_encode( $rawApiKeys );
    echo 'Encoded API Keys: ' . $encodedApiKeys;

    // Get Access Token
    $tokenRequest = makeRequest( $server, $encodedApiKeys, "/restapi/oauth/token", null, "POST", "username=" . $username . "&password=" . $password . "&grant_type=password" );
    if( handleTokenResult( $tokenRequest ) ) {
        $myToken = json_decode( $tokenRequest );
        echo "OUTPUT VALUE OF myToken";
        print_r( $myToken );
        echo $myToken->access_token;
        $callLogRequest = makeRequest( $server, $myToken->access_token, "/restapi/v1.0/account/~/extension/~/call-log/" );
        handleCallLogResult( $callLogRequest );

    // HTTP Response Handler
    function handleTokenResult( $responseData ) {
        $myJSON = json_decode( $responseData, true );
        if( isset( $myJSON['access_token'] ) ) {
            echo "\n\n";
            echo "Auth data received.";
            print_r( $myJSON );
            return $myJSON;
        echo "Uh oh, that did not work the way we expected.";
        return false;

    function handleCallLogResult( $responseData ) {
        $myJSON = json_decode( $responseData, true );
        if( isset( $myJSON['records'] ) ) {
            echo "\n\n";
            echo "Call Log data received.";
            print_r( $myJSON );
            return $myJSON;
        echo "Uh oh, we should have had a records property.";
        return false;

    // HTTP Request function
    function makeRequest( $server, $token, $path, $params = null, $method = 'GET', $data = null ) {
        echo 'Preparing API Request...';
        echo "\n\n";

        // Sanity check

        // Make sure base path is always included
        $basePath = '/^\/restapi\//';
        if( 1 !== preg_match( $basePath, $path ) ) {
            $path = "/restapi/" . $path;
        // Make sure params is empty or an array
        if( null !== $params && "array" !== gettype( $params ) ) {
            echo "params either needs to be null or an array";
            echo "\n\n";
        } else {
            // Map to query string and HTML encode entities where appropriate

        // The URL to use
        $ch = curl_init( $server . $path );

        // Set authorization header properly
        $authPath = '/oauth\/token/';

        if( 1 !== preg_match( $authPath, $path ) ) {
            echo "Preparing Non-Auth request...";
            echo "\n\n";
            $authHeader = 'Authorization: Bearer ' . $token;
            $contentType = 'Content-Type: application/json';

            if( "POST" == $method && "array" !== gettype( $data ) ) {
                curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, "POST" );
                $data_string = json_encode( $data );
                curl_setopt( $ch, CURLOPT_POSTFIELDS, $data_string );

        } else {
            echo "Preparing Auth request...";
            echo "\n\n";
            $authHeader = 'Authorization: Basic ' . $token;
            echo "\n\n";
            curl_setopt( $ch, CURLOPT_POST, true );
            curl_setopt( $ch, CURLOPT_POSTFIELDS, $data );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true);

        curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
            $authHeader )

        // Execute request
        $result = curl_exec( $ch );

        // Close Connection
        curl_close( $ch );

        echo $result;

        return $result;

answered on Sep 22, 2016 at 9:20am  
Hello Ajay,

Please accept my apologies, since my PHP is a little rusty, but I thought I'd give it a shot to show you how to do this. I have the example file done and working, and the answer is posted below, but I'd like to post it in StackOverflow (with the 'ringcentral' tag) because the code formatting/syntax highlighting looks nicer.

Would you kindly ask this question in StackOverflow and I will provide the example in the answer for you? (you can just copy and paste the question as you have it posted here, and perhaps elaborate a little by providing an example cURL request you used which did not work for fetching the call-log resources) (just make sure to add 'ringcentral' in the "Tags" form field).



A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

Developer Platform
Integrated Apps
App Gallery
Developer support
Games and rewards

Resource center
Product Releases
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Legal Privacy Notice Site Map Contact Us