Error when calling API

global-dave · 24 October 2018 08:27

Folders installed as:

global-dave · 24 October 2018 08:32

Yeah, right. Removing the “lib” does indeed help. :))))) :woohoo:

think i’m back in the saddle now. Wow, that was a long two weeks in the wilderness. :)))

{
    "error": "unsupported_grant_type",
    "message": "The authorization grant type is not supported by the authorization server.",
    "hint": "Check the `grant_type` parameter"
}

I can work from there I think now that i have an endpoint. :))

I had assumed that the example they give in the documentation of “POST /api/oauth/access_token” was a shorthand, and that I would need to include a qualified domain path in front of that to the folder.

Apparently not.

Thanks!

global-dave · 7 November 2018 08:42

Well I was too optimistic.

Doing POST in Postman, bumping up against:

{
    "error": "unsupported_grant_type",
    "message": "The authorization grant type is not supported by the authorization server.",
    "hint": "Check the `grant_type` parameter"
}

Using the SuiteCRM example

http://domain.com/api/oauth/access_token?grant_type=client_credentials&client_id=14...ae&client_secret=client...secret&scope=standard:create standard:read standard:update standard:delete standard:delete standard:relationship:create standard:relationship:read standard:relationship:update standard:relationship:delete

Pretty sure “client_credentials” is a valid grant_type, no?

fanton.ff · 7 November 2018 08:55

Could be a misleading error message… I’d suggest adding some log calls to lib/API/OAuth2/Middleware/AuthorizationServer.php, function respondToAccessTokenRequest to figure out what’s going on

global-dave · 7 November 2018 09:03

Thanks for that fanton, most appreciated.

I did try putting the key/params into the body with a form, but that just gets a different error:

{
    "error": "invalid_client",
    "message": "Client authentication failed"
}

Some say needs to be in body and some say in a form, others that raw works better.

I made new client credentials to double-check. It’s a bit stubborn

global-dave · 7 November 2018 09:43

Checked suitecrm log and other logs, nothing there.

Is my POST request okay? Anything dumb in there?

anothermouse · 21 July 2020 16:33

Part of the problem:

if you run the web installer without write permissions to the drive, then you get a different .htaccess to cut and paste. This patch ensures that you get the correct information, as I dislike giving a webserver write access to my .htaccess files.