Getting Started     Knowledge Base     Community     User Manuals     Ideas
News & Announcements User Community Developer Community

Welcome to the RingCentral Community

Please note the community is currently under maintenance and is read-only.

Search
Make sure to review our Terms of Use and Community Guidelines.
  Please note the community is currently under maintenance and is read-only.
Home » Developers
JWT authorization does not work, error OAU-250 "unsupported grant type"
Tags: get token
Apr 6, 2022 at 9:00pm   •   4 replies  •  0 likes
Lauren Anderson

Using JWT to request an access token as explained at https://developers.ringcentral.com/guide/authentication/jwt-flow#technical-discussion does not work. I created an application in Sandbox with "Read Accounts" permissions and a JWT for "all apps belonging to my organization" and followed the instructions in the documentation above. When I POST to https://platform.devtest.ringcentral.com/restapi/oauth/token as shown in the example, I get 400 invalid request and errorCode OAU-250 "Unsupported grant type". I have tried it with both Postman and curl and get the same error. I have properly base64-encoded the Client ID and Secret with a ":" between them (I've done this with other APIs on other platforms and know the routine). I added the Content-Type as shown in the example, added the JWT to the body, etc. I've deleted and regenerated the JWT numerous times as well as the applications. It does not work. Is the JWT authorization flow one that we can actually use? Or is it reserved from some special, unnamed APIs or authorization servers? It doesn't work in the Sandbox.

Lauren Anderson on Apr 6, 2022 at 9:13pm   •  0 likes

And yes, when I created the app, I marked "JWT auth flow" instead of "3-legged OAuth flow authorization code".

Yatin Gera on Apr 7, 2022 at 2:11am   •  0 likes

Can you please share the client id of your app

Lauren Anderson on Apr 7, 2022 at 8:24am   •  0 likes

"All APIs JWT Test" client id: H4PSEw2URKG3UCtgDR10Cw

3 Answers
Lauren Anderson answered on Apr 12, 2022 at 4:13pm  

Thank you Phong, Yatin and Suyash. Those examples all worked. The problem wasn't public or private. The problem I had was that I didn't URL encode the grant_type and assertion. I was sending (wrong):

grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer

instead of (right):

grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer

And when I ran it in Postman, I also incorrectly set the Body to use "form-data" instead of "x-www-form-urlencoded" (which URL encodes the value for grant_type and assertion). Thank you for the excellent responses.


 1
Suyash Joshi on Apr 13, 2022 at 12:02pm   •  0 likes

glad you figured it out!

Suyash Joshi answered on Apr 8, 2022 at 3:30pm  

Hi @Lauren Anderson here is a sample project on GitHub that you can clone/download and run it. Just make sure to update the .env file with your credentials including JWT and it should work: https://github.com/suyashjoshi/ringcentral-node-auth-jwt


 1
Phong Vu answered on Apr 7, 2022 at 7:51am  

The problem is that you created a public app "All APIs JWT Test" and you select the "Personal JWT". I change your app scope to "Private" now. Try it again.


 0



A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

PRODUCTS
RingEX
Message
Video
Phone
OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility
QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Legal Privacy Notice Site Map Contact Us