When calling the /restapi/oauth/token endpoint I can successfully retrieve a token when I use the Admin account related to the client specified on the developer portal.
Our requirement is that individual users are able to retrieve their own OAuth token using their credentials (Username, Password & Extension) whilst still using the Client Id/Secret to make RingOut calls.
Unfortunately whenever I attempt to get a token using an account other than the Admin it receive an error code OAU-140 (Invalid resource owner credentials) despite being able to login to the RingCentral phone app with the same credentials.
Am I missing something with how the system operates? It is my understanding that this should be possible and that I can use the extension to make RingOut calls after authorizing using the individuals credentials; should this be allowed? Is this not how the system is intended to be used? If it is intended to be used this way then how can I get around this problem?