Ring Central Auth令牌在卷曲调用中失败-“未授予此授权类型" [英] RingCentral Auth Token Failed in Curl Call - "Unauthorized for this grant type"

问题描述

我正在尝试从具有cURL的> RingCentral身份验证令牌 /restapi/oauth/token端点，但失败并显示以下错误:

I am trying to get an auth token from the RingCentral auth token /restapi/oauth/token endpoint with cURL but it fails with the error:

400 Bad Request

{
    "error": "unauthorized_client",
    "error_description": "Unauthorized for this grant type",
    "errors": [
        {
            "errorCode": "OAU-251",
            "message": "Unauthorized for this grant type"
        }
    ]
}

这是我尝试过的:

curl -X POST "https://platform.devtest.ringcentral.com/restapi/oauth/token" \
-H "Accept: application/json" \
-H "Content-Type: application/x-www-form-urlencoded" \
-u "clientId:clientpassword" \
-d "username=username&password=password&extension=101&grant_type=password"

推荐答案

OAuth 2.0密码流

您正在使用OAuth 2.0密码授予(grant_type=password)进行OAuth 2.0请求，在RingCentral Developer Portal中也称为密码流"，在OAuth 2.0中正式称为资源所有者密码凭证"授予IETF RFC 6749标准.

You're making an OAuth 2.0 request using the OAuth 2.0 password grant (grant_type=password), also known as "Password flow" in the RingCentral Developer Portal and formally as the "Resource Owner Password Credentials" grant in the OAuth 2.0 IETF RFC 6749 standard.

为了使用密码流，您的应用程序必须支持下面的屏幕截图中显示的Password flow授权类型.

In order to use the password flow, your application must support the Password flow Authorization Type as sown in the screenshots below.

要使用此流程，您的应用程序需要满足两个条件:

To use this flow, your app needs to fulfill two criteria:

• 能够保护客户端机密:应用程序凭据包括客户端ID和客户端机密.对于密码流，必须保护客户端机密免受最终用户的攻击，例如:在安全的服务器应用程序上.它不能与仅用于浏览器的客户端应用程序一起使用，因为最终用户将能够检查和检索客户端机密.
• 成为私人应用程序:密码流要求应用程序所有者有权访问资源所有者(也称为最终用户)的密码.因此，它只能与应用程序所有者和资源所有者在同一组织中的私有应用程序一起使用.公共应用程序不支持此功能，因为不应向应用程序开发人员提供密码.

要使用此授予类型，您需要确保将您的应用配置为在RingCentral Developer Portal中具有密码流"授予，如下所示:

To use this grant type, you need to make sure your app is configured to have the Password flow grant in the RingCentral Developer Portal as shown below:

创建应用向导

在创建应用程序时，请确保已选择密码流".您的选择基于应用程序的应用程序类型"和平台类型"，而这些又与应用程序的安全性规范有关.

When creating an app, make sure to ensure "Password flow" is selected. Your options are based on on the "Application type" and "Platform type" for your app, which in turn are related to the security specifications of your app.

这是一个动画GIF，显示了各种针对OAuth授予设置的应用.

Here is an animated GIF showing various app to OAuth grant settings.

应用设置页面

要验证现有应用已启用密码流"，请转到应用的设置"页面的"OAuth设置"部分，并验证是否存在密码流.

To verify an existing app has "Password flow" enabled, go to the app's "Settings" page's "OAuth Settings" section and verify Password flow is present.

以下是有关IETF RFC 6749中的密码授予的一些信息:

Here's some information on the password grant in IETF RFC 6749:

https://tools.ietf.org/html/rfc6749#section -1.3.3

这篇关于Ring Central Auth令牌在卷曲调用中失败-“未授予此授权类型"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！