In Public app how we resolve Error OAU-251 Unauthorized for this grant type
Tags: ringcentral app, sms and text messaging, call logs
Mar 3, 2022 at 8:26pm   •   3 replies  •  0 likes
Smit Shah

We make use of your call log API and Send SMS API, as well as WebRTC browser calling.

For the Call Log and Send SMS APIs we have a console app, and for WebRTC browser calling we have a web project.

We first established App1 and set up a private app with password flow and it worked, but we need to transfer this app into production and we can't figure out how to do it.

We don't require a private app, so we make a public one. Because password flow isn't possible in a public app, we use a "3-legged OAuth flow authorization code" or "JWT auth flow", but the API isn't called, and an error is returned like .

We use your JS for WebRTC browser calling as well, but when I log in, the same error appears. Our second issue is that we need to authenticate for WebRTC calling, but we can't use a second app client/Secret Id.

Our third worry is how we safeguard client id and secret id, password, and other sensitive information when we use WebRTC login or bypass this, because your entire code is written in JS and is visible in inspect.

PFA, for better clarity in integrations, code sandbox, platform, and other areas.

Anticipation for your cooperation. We are waiting for your response.

Response

 StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.StreamContent, 
 HTTP Headers: 
 {
 Connection: keep-alive
 Vary: Origin
 Vary: Access-Control-Request-Method
 Vary: Access-Control-Request-Headers
 RCRequestId: 69b22dec-9b72-11ec-aa86-005056bb915a
 Pragma: no-cache
 AceRoutingKey: sjc11-c01-ace01-7455cc4c98-d5rcm_10.24.109.20
 RoutingKey: SJC11P01
 Cache-Control: no-store
 Date: Fri, 04 Mar 2022 04:20:24 GMT
 Server: nginx
 Content-Length: 201
 Content-Language: en
 Content-Type: application/json
 }
    
 Content: {
   "error" : "unauthorized_client",
   "errors" : [ {
     "errorCode" : "OAU-251",
     "message" : "Unauthorized for this grant type"
   } ],
   "error_description" : "Unauthorized for this grant type"
 }

Request

 Method: POST, RequestUri: 'https://platform.devtest.ringcentral.com/restapi/oauth/token', Version: 1.1, Content: System.Net.Http.FormUrlEncodedContent, Headers:
    
 {
 X-User-Agent: Unknown/0.0.1 RingCentral.Net/5.13.0
 Authorization: Basic TnZodDFpaEdRWUd5QlhrY0lJaldqQTp2T2s2NnRkbVFheWxvcjNVNVk5RDBnZ2tjcnlwUHFTMXV5aUZDV0NaRGMwQQ==
 Content-Type: application/x-www-form-urlencoded
 Content-Length: 79
 }
    
 Content: <content has been disposed by HttpClient: https://github.com/dotnet/corefx/issues/1794>
on Mar 25, 2022 at 9:42am   •  0 likes

Send me a link to the JS SDK you are using so that I can see if it supports JWT auth. Please also include a code snippet of how you are passing auth credentials to this SDK.

on Mar 25, 2022 at 9:34am   •  0 likes

Clarifying question: help me understand why you need two different client IDs, and be sure to articulate what each client ID is responsible for functionally within your solution.

1 Answer
answered on Mar 25, 2022 at 9:42am  

There is a lot to unpack here. So let's work through issues one at a time.

"Unauthorized for this grant type" error

There are multiple circumstances when this can occur. It is possible you are trying to pass credentials that are not compatible with the declared and/or authorized grant type.

For example, you may be trying to perform JWT auth, but your app may be configured for a different auth method. Or vice-versa. By default, apps can only be configured for one auth methodology. On the backend, we have the power to expand that if need be, but you should at least be aware of that limitation.

Another possible explanation is in the SDK itself - it may not yet support JWT authentication.

Our third worry is how we safeguard client id and secret id, password, and other sensitive information when we use WebRTC login or bypass this, because your entire code is written in JS and is visible in inspect.

You should be using the auth code flow with PKCE (pronounced "pixie") support. That is the recommended way to help protect your client ID and secret. It is indeed the recommended approach for all classic OAuth flows, to be honest, as it is far and away much more secure and resilient against replay and man-in-the-middle attacks.


 0


