Good morning, I would like to preface by saying that I have completed the process to activate the web API integrations and successfully received the secret key. As of now, I am following the OAuth2 flow to authenticate.
In the first step I create an authorization URL as follows:
However, the response to the bash request is as follows, despite the client_id and the client_secret are the same present in the nuki’s web-api page:
{"error":"invalid_client","error_description":"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). passwords do not match"}
The error suggests that there is a problem with the credentials used to authenticate the client (usually a combination of client ID and client secret). Has your advanced API request been approved? Please validate the client ID & secret again.
Please try to use this curl command to request the access token:
curl -X POST -d ‘client_id=CLIENT_ID client_secret=CLIENT_SECRET grant_type=authorization_code code=AUTHORIZATION_CODE redirect_uri=CALLBACK_URL’ https://api.nuki.io/oauth/token
Hello, yes, my advanced API request has been approved. When I request a token (not an AUTHORIZATION_CODE) with my credentials, the API response is correct, and I can use it to authenticate. So, I don’t think the credentials are the issue in this case.
To clarify any doubts: the credentials are the ones found on the page Nuki Web on the API page, in the “OAuth2 API key & URL” section. Specifically, client_id corresponds to “OAuth2 API key” and client_secret corresponds to “OAuth2 API Secret,” correct?
Using Swagger (Nuki demo), I have to enter only the client_id, and it works. However, when I use Postman, I receive the same error as when sending data with PHP or Curl (bash).