401/403 (unauthorized_client w/grant type client_credentials) when requesting token for M2M client

Help
, , , ,
1

I’m sure I’m doing something simple wrong here but I can’t request a token for my M2M client no matter what I try. If I submit my POST request with raw JSON I get a 401 access denied. If I submit my params as application/x-www-form-urlencoded I get the following 403:

{
    "error": "unauthorized_client",
    "error_description": "Grant type 'client_credentials ' not allowed for the client.",
    "error_uri": "https://auth0.com/docs/clients/client-grant-types"
}

These posts seem to be having a similar problem:

Here’s some screenshots of my requests and client and API settings. What am I doing wrong here - any help much appreciated!

Requests (running from Postman to test):

Screen Shot 2022-04-01 at 11.15.11 AM
Screen Shot 2022-04-01 at 11.15.11 AM1031×649 54.1 KB

Screen Shot 2022-04-01 at 11.15.20 AM
Screen Shot 2022-04-01 at 11.15.20 AM1035×639 44.6 KB

Client:
Screen Shot 2022-04-01 at 11.16.39 AM

Screen Shot 2022-04-01 at 11.16.51 AM
Screen Shot 2022-04-01 at 11.16.51 AM944×431 20.5 KB

Screen Shot 2022-04-01 at 11.17.06 AM
Screen Shot 2022-04-01 at 11.17.06 AM1076×435 28.1 KB

API:

Screen Shot 2022-04-01 at 11.17.27 AM
Screen Shot 2022-04-01 at 11.17.27 AM1068×950 73.1 KB

Screen Shot 2022-04-01 at 11.17.54 AM
Screen Shot 2022-04-01 at 11.17.54 AM1085×592 22.4 KB

3

Hi @joelp,

Thanks for reaching out to the Auth0 Community!

I understand you’re encountering issues getting an access token when performing a client credentials grant flow.

After looking at your screenshots carefully, it seems that you have everything configured correctly for your API.

In this case, could you please go to your Auth0 Dashboard > Applications > APIs > YOUR_API and click on the Test tab.

On there, select your M2M application from the drop down menu, click on cURL, copy that command and import it as raw text in Postman.

image
image2640×1402 261 KB

Once that is complete, you can request to get an access token for your API.

I have tested this and can confirm that it works without any changes.

Please let me know how this goes.

Thank you.

4

Hi @rueben.tiow thanks for the reply and help.

I can confirm this works and my previous requests now work.

Are you able to explain what happened here and why it started working after importing this cURL request?

Thanks!

1 Like
5

Hi @joelp,

Thank you for your reply, and I’m glad that it works now!

It’s likely due to the content-type header in your initial request. I have encountered this issue before when the outgoing request had correct values but still returned an error.

Hoped this helps!

Please let me know if there’s anything else I can do to help.

Thank you.