© 1999-2024 RingCentral, Inc. All rights reserved.
Privacy Notice
I am getting a "OAU-153" error relating to invalid parameters. What does it mean?
I am trying Password Flow...I'm adapting the code to Coldfusion but I am getting the Invalid Cilent error.
1. My app is setup for Password Flow.
2. I am using username in format of: +15559991212
3. Password was reset and changed successfully to confirm that's correct.
4. Client Id is copied right out of the Credentials in my Developer Account and encoded in Base64.
5. Secret key is copied right out of Credentials in my Developer Account.
My Code:
>cfhttp
method="post"
url="https://platform.devtest.ringcentral.com/restapi/oauth/token";
resolveurl="yes"
getasbinary="never">
<cfhttpparam type="header" name="content-type" value="application/x-www-form-urlencoded">
<cfhttpparam type="header" name="accept" value="application/json">
<cfhttpparam type="header" name="authorization" value="#authorization#">
<cfhttpparam type="url" name="username" value="#username#">
<cfhttpparam type="url" name="password" value="#password#">
<cfhttpparam type="url" name="extension" value="#extension#">
<cfhttpparam type="url" name="grant_type" value="password">
</cfhttp>
<cfoutput>#cfhttp.FileContent#
<cfabort>
Authorization header should be like BASE64(client_id ":" client_secret). It doesn't seem from your code that you are building it properly (if I am not mistaken you encode only client_id with Base64 and then append secret to it as is.
So you are saying that the bas64 needs to be applied to both together...another rep for Ringcentral said that you base64 the client_id and then put a colon and then leave the client secret the same which didn't make sense to me frankly.
Also, another rep said a conflicting thing that you don't need to base64 on Password Flow....so there is a lot of confusion between support on how this API is constructed.
Jason, I don't know who told you that and apologize for misunderstanding. But actually this part is explained in multiple places in our documentation (for example here: http://ringcentral-api-docs.readthedocs.io/en/latest/oauth/#client-authentication) as well as in other sources explaining OAuth 2.0 protocol. It is just a standard authorization header format for HTTP Basic authentication.
Ok...I appreciate the direct link to what is right...
To confirm that I did my Authorization Header correctly, here is my code and I will explain it:
<cfset authorization = client_id & ":" & client_secret />
<cfset authorization = "Basic " & ToBase64(authorization) />
The first line in Coldfusion is saying this:
authorization = the base64 of client_id:client_secret
The second line says add the word "Basic" plus a space to the front of the authorization variable above, so if you outputted this variable, it would look like this:
Basic THISISTHEBASE64OFCLIENT_ID:CLIENT_SECRET
Assuming I did that right (which I assume I did since the error changed), I got this:
"errorCode" : "OAU-140", "message" : "Invalid resource owner credentials"
This implies invalid username or password. My username is the Development phone number in my console and my password (which I believe I'm right) but I cannot verify it since it's not readable.
Jason
To confirm that I did my Authorization Header correctly, here is my code and I will explain it:
<cfset authorization = client_id & ":" & client_secret />
<cfset authorization = "Basic " & ToBase64(authorization) />
The first line in Coldfusion is saying this:
authorization = the base64 of client_id:client_secret
The second line says add the word "Basic" plus a space to the front of the authorization variable above, so if you outputted this variable, it would look like this:
Basic THISISTHEBASE64OFCLIENT_ID:CLIENT_SECRET
Assuming I did that right (which I assume I did since the error changed), I got this:
"errorCode" : "OAU-140", "message" : "Invalid resource owner credentials"
This implies invalid username or password. My username is the Development phone number in my console and my password (which I believe I'm right) but I cannot verify it since it's not readable.
Jason
I figured it out...tried to post the Coldfusion code for Password Flow, but it wouldn't post.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.