Problem obtaining request token

(David Yona) #1


I have trouble obtaining access token through rest API.
Here is my request and corresponding response. The response body is {“error”:“invalid_client”} and there is a response header X-Mashery-Error-Code with value ERR_403_DEVELOPER_INACTIVE

Any thoughts on what could be causing this?

Thank you!


POST /token HTTP/1.1
User-Agent: HTTPie/0.9.9
Accept-Encoding: gzip, deflate
Accept: application/json, */*
Connection: keep-alive
Content-Type: application/json
Content-Length: 248

{"client_id": "[==removed==]", "client_secret": "[==removed==]", "grant_type": "authorization_code", "code": "[==removed==]", "redirect_uri": "[==removed==]"}


HTTP/1.1 401 Unauthorized
Cache-Control: no-store
Content-Type: application/json;charset=UTF-8
Date: Sat, 03 Jun 2017 22:03:01 GMT
Pragma: no-cache
Server: Mashery Proxy
WWW-Authenticate: Basic realm=""
X-Error-Detail-Header: Account Inactive
X-Mashery-Error-Code: ERR_403_DEVELOPER_INACTIVE
Content-Length: 26
Connection: keep-alive


(John Borelli) #2

Don’t send params as json to start with. Many of them are sent in the url (eg grant_type, code and redirect_url). You need an Authorization header that is set to Basic (base64 of id:secret) as well.

Also, the endpoint for authorization is

(David Yona) #3

Hi John,

I tried everything as you suggested and got the same result. Where is your information coming from? I don’t see this in documentation.

Looking at the php implementation I see that they are sending everything in the body and base64 is not used to request access token. It is used only to refresh the token.

Also, shouldn’t these two response headers indicate a problem with the account itself?

X-Error-Detail-Header: Account Inactive
X-Mashery-Error-Code: ERR_403_DEVELOPER_INACTIVE

Thank you!

(David Yona) #4

Got it working! The final message on this one helped: How to build a private app?