Good morning, I would like to preface by saying that I have completed the process to activate the web API integrations and successfully received the secret key. As of now, I am following the OAuth2 flow to authenticate.
In the first step I create an authorization URL as follows:
"https://api.nuki.io/oauth/authorize?response_type=code&client_id={$client_id}&redirect_uri={$redirectUri}&scope={$scopes}"
After that, when I receive a call on my server, I manually copy the code that was sent as a parameter and execute this call with bash:
curl -X POST \
--header 'Content-Type: application/x-www-form-urlencoded' \
-d "client_id=$client_id&client_secret=$client_secret&grant_type=authorization_code&code=$code&redirect_uri=$redirect_uri" \
'https://api.nuki.io/oauth/token'
However, the response to the bash request is as follows, despite the client_id and the client_secret are the same present in the nuki’s web-api page:
{"error":"invalid_client","error_description":"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). passwords do not match"}
Additionally, here’s a sample of my codes:
code="ory_ab_..."
client_id="**_*-**..."
client_secret="****..."
scopes="account%20smartlock%20smartlock.create%20smartlock.auth%20smartlock.action%20smartlock.log%20smartlock.readOnly%20smartlock.config%20notification"