Implement the Resource Owner Password Grant

Hi, I have tried to follow the guide for a Resource Owner Password Grant but i get Unauthorized.

curl --request POST
–url ‘edited oauth token’
–header ‘content-type: application/x-www-form-urlencoded’
–data grant_type=password
–data password=password
–data ‘audience=1.0.7-D1 USER API’
–data scope=read:sample
–data ‘client_id=5jvrnCg5FHWSEFYjtmcMiL0JjaGAgP4t’
–data ‘client_secret=xxx’

I think ive followed everything from /docs/api-auth/tutorials/password-grant accurately, ive even tried on a fresh account.

Logs show
“date”: “2020-06-29T16:08:58.619Z”,
“type”: “fepft”,
“description”: “Unauthorized”,
“connection_id”: “”,
“client_id”: “5jvrnCg5FHWSEFYjtmcMiL0JjaGAgP4t”,
“client_name”: null,
“ip”: “”,
“client_ip”: “”,
“user_agent”: “curl 7.70.0 / Other 0.0.0”,
“hostname”: “”,
“user_id”: “”,
“user_name”: “”,
“audience”: “1.0.7-ESCDIP-474 USER API”,
“scope”: “read:sample”,
“log_id”: “90020200629160858882000460769530734477886991180924715026”,
“_id”: “90020200629160858882000460769530734477886991180924715026”,
“isMobile”: false

Any tips appreciated,

ps the reason i want to use this flow is so that i can get token with claims in a simple fashion for nightly test process.

Hey, two things:

  1. You probably want M2M (client credentials) instead of ROPG for a nightly test process.
  2. Check the tenant logs for more details on the error.


1 Like

thanks for response, turns out to be developer error here. i had the client id from my usual account not the one from this fresh account i used to isolate the application for this ticket.