'401 Unauthorized error' when utilizing OAUTH 2.0 Client Credentials in API Explorer

book

Article ID: 4284

calendar_today

Updated On:

Products

API MANAGEMENT SAAS CA API Gateway

Issue/Introduction

API Explorer presents a '401 Unauthorized Error' whilst testing APIs in conjunction with the OAuth 2.0 Client Credentials grant type.

Cause

Per the OAuth 2.0 IETF RFC 'Client Credentials' grant type is only usable with confidential clients.

Environment

Release:
Component: APIPRS

Resolution

Edit the published application and change the grant type from public to confidential.

To edit an existing application's grant type:

1. Log in to the CA API Management SaaS Portal

2. On the navigation bar, click Applications.

3. On the Actions menu beside the Application, client Edit.

4. Edit the application grant type:

  • On the Auth tab adjust the type from Public to Confidential.

5. Click Save.

6. Repeat the API Explorer test as outlined in the following the Test and Explore APIs documentation.