Getting access token for a Server Application - Invalid client
I have followed the instructions in the link https://support.panopto.com/s/article/oauth2-for-services for Server application using client credentials.
In postman i tried a POST request to the Panopto Oauth2 token endpoint. https://<server>/Panopto/oauth2/connect/token with request payload type as Url encoded and the key value as following grant_type as “client_credentials” and the scope as “api”.
In the header have added the Key as Authorization and value as "Basic Base64Encoded(<ClientId>:<ClientSecretValue>)". The client Id used to construct the auth token here is a guid I see in the api key on panopto portal.
I am getting 400 response with below error.
Authorization: Basic Base64Encoded(<ClientId>:<ClientSecretValue>)
Accept-Encoding: gzip, deflate, br
- scope: "api"
- grant_type: "client_credentials"
I was able to look into this for you on our end, and it looks like the root error is an invalid client secret value. Can you please double-check that you are sending the correct client secret value in the Authorization header?
If you are unsure if the secret is correct or have lost the original client secret value, you can generate a new one by opening the API Client menu (System->API Clients), find the API client you are using, and click on the client name to edit that client. A pop-up window will open with the client details. Click on the Generate button to generate a new secret value, copy and save it somewhere locally, and then click on the Save button to save the new client secret. Once you have generated and saved the new client secret, please try updating your Postman request with the new secret and see if that works.
Please let me know if you have any other questions, or if you still continue to see this error after generating a new client secret value.
I did check that multiple times and tried to make call with new generated secret from the portal still getting the same error.
Thank you for the quick reply. If you've already tried using a new client secret, then I will likely need some additional information from you on this. Can you please contact your Panopto Sales Engineer and ask them to open a ticket on your behalf so I can continue to look into this further for you?