SuiteCRM API v8: Password login not working

Dear all,

I am trying to use the password login for the V8 API.
Currently I am sending the following information to the /Api/access_token URL:
“grant_type”: “password”,
“client_id”: “e14c034b-XXXX-XXXX-XXXX-6032411a7d9d”,
“client_secret”: “XXXXX”,
“username”: “outlookclient”,
“password”: “XXXX”
I am always getting the following error message:
“error”: “unknown_error”,
“message”: “The password is invalid: XXXX”

I have tried to send the password plain and as an MD5 hash: Both lead to the same result.
I have also tried it with existing and newly created users, both with the same result.

I am currently trying this on Postman.

Can you help me what else I can do to get it running?


You should set header:

Content-Type: "application/x-www-form-urlencoded"

and use format body for POST of Content-Type:



@p.konetskiy Thank you for your suggestion. I tried it and got the same result: The password is invalid

I am not sure if this is a problem, but I use LDAP for the credentials typically. In my scenario I have tried it with both, LDAP users and SuiteCRM only users.

What about the password itself? Do I need to send this hashed or plain?

You should send plain.

Ok, thanks. Unfortunately this is still not working.
Do you maybe have a working Postman collection I can look at?

@p.konetskiy I have figured it out. The password hash was not set in the database, that is why it was not working. Once I have updated the hash (it somehow did not work via the UI and I had to do it via a query) it is working.

Now I need to understand how I can use the LDAP authentication in the OAuth class. Have you already done this?