Our company sandbox has graduated and been transited into a production environment. However running the same application against the production environment produces authorization failures. The production account credentials only works for the default Admin user and it fails on all other users with the following error:
I have updated the RingCentralClient to use production Url.
12:49:19.48 [TP03] RingCentralClient: !! Error !! Initialize: Exception caught - message=Response:
StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
Connection: keep-alive
X-Application-Context: application:8080
RCRequestId: 8cc942f8-082e-11eb-8cdc-005056bbb2d3
Pragma: no-cache
AceRoutingKey: sjc01-c01-ace03.004a3340-fc99-11ea-a999-005056973b9b
RoutingKey: IAD01P12
Cache-Control: no-store
Date: Tue, 06 Oct 2020 23:49:19 GMT
Server: nginx
Content-Length: 199
Content-Language: en
Content-Type: application/json; charset=utf-8
}
Content: {
"error" : "invalid_grant",
"errors" : [ {
"errorCode" : "OAU-140",
"message" : "Invalid resource owner credentials"
} ],
"error_description" : "Invalid resource owner credentials"
}
Could you please what I have done wrong?
Any help is appreciated!
@Phong Vu Thank you for the quick response! It turns out that the user password has to be the same as the password of the app account. Once we updated the user password to that, it all starts working! Our application made the assumption that all user password should be the same as the main company number password. So my question is that why we cannot use the main company number/password to log into all extension as it would be much simpler for the application if it need to maintain more than one user? Thanks
Yes, you can login your app using the main company number, the extension number and the password belong to that extension. I don't understand your assumption that all user password should be the same. Each user should set their own password and shouldn't it be different from each other as a good practice?
Believe me, 10/10 always claims that they login with correct username and password and just find out at the end they were wrong or mistaken.
What i'm thinking was that there is an App user/password which is allowed to log into all extensions we like to control
Login with the user extension with a super admin role. A super admin user can do a lot for other extensions such as read extension's call log, message store or create new extensions, etc. It cannot send SMS on behalf of other extensions though.
I understand RingCentral super user cannot do call control on behalf of another user. However is that possible to use the same super user account to log into all other extensions: such as
Authorize(superUser, superuserpassword, 101);
Authorize(superUser, superuserpassword, 102);
etc.
@Phong Vu This is the app client id: P5AyjJlYRYGfF1kcXTDlXg. Thanks!
Your app looks ok. And based on the app analytics, I saw that you have some successful API call on the production account. This means that you could login with some users and failed with some users.
When calling this line
var tokenInfo = await m_restClient.Authorize(m_username, m_extensionNumber, m_password);
Do you use the main company phone number and the extension number? Or do you use the extension's direct phone number e.g. the extension "102" has this number ending with xxx-3436?
Thing for you to check, login the service web with the user credentials you use to login the app. If that does not work, it really means you are using the wrong username and password combination.
Here is the authorization code:
//Client ID, Client secret, User Name, Password are copied over from the production environment //under the app account. Ext number such as 101, 102 etc.
m_log.Trace($"Initialize: Create RestClient for user={m_username} extension={m_extensionNumber} clientId={m_clientId}");
m_restClient = new RestClient(m_clientId, m_clientSecret, true);
m_log.Trace($"Initialize: Authorize for user={m_username} extension={m_extensionNumber}");
var tokenInfo = await m_restClient.Authorize(m_username, m_extensionNumber, m_password);
A new Community is coming to RingCentral!
Posts are currently read-only as we transition into our new platform.We thank you for your patience
during this downtime.
Try Workflow Builder
Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!Try RingCentral Workflow Builder