Access token could not be verified on every endpoint request

Enkriptirana · 11 April 2025 14:02

I’m using grant_type client_credentials, I obtained access token via endpoint: /legacy/Api/access_token
and I got:

{
  "token_type": "Bearer",
  "expires_in": 3600,
  "access_token": "example_access_token"
}

On each of request I added this access_token inside Headers like: Bearer {{access_token}}

but on each request I get:

{
  "error": "access_denied",
  "error_description": "The resource owner or authorization server denied the request.",
  "hint": "Access token could not be verified",
  "message": "The resource owner or authorization server denied the request."
}

What am I missing, does anyone have an idea?

pstevens · 12 April 2025 00:45

What’s your request url?

Also, check out my tutorial here, you may find something you’re not doing right:

Enkriptirana · 13 April 2025 10:07

Thank you for responding.
I did follow your youtube tutorial as well as checked out the blog but simply whatever request URL I try after getting an access_token I get the same response that the access is denied.
example requests: https://{{site_url}}/legacy/Api/V8/module/Leads, https://{{site_url}}/legacy/Api/V8/meta/modules

Also for additional information, I only have admin account and I have created in the GUI a few entries like entry for lead, account, contact and so on just so that I can have some data to retrieve. I have tried also the postman collection, but nothing really worked.