Skip to main content

Code =

function getNewAccessToken(clientId, clientSecret) {

return new Promise((resolve, reject) => {

const options = {

method: ‘POST’,

url: ‘https://api.box.com/oauth2/token’,

headers: {

‘Content-Type’: ‘application/x-www-form-urlencoded’

},

form: {

grant_type: ‘client_credentials’,

client_id: clientId,

client_secret: clientSecret,

box_subject_type: ‘user’,

box_subject_id: ‘8777888766’

}

};


request(options, function (error, response, body) {
if (error) {
reject(error);
} else {
const parsedBody = JSON.parse(body);
if (parsedBody.access_token) {
console.log(parsedBody.access_token);
resolve(parsedBody.access_token);
} else {
reject(parsedBody);
}
}
});

});

}


I am getting the Error

}

{

error: ‘invalid_grant’,

error_description: ‘Grant credentials are invalid’

}


Please provide me a solution of it

Hi @user228 , welcome to the forum!


I do not see anything wrong with your request, here is my attempt:


curl --location 'https://api.box.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=h5...qi' \
--data-urlencode 'client_secret=Tqb...38' \
--data-urlencode 'box_subject_type=user' \
--data-urlencode 'box_subject_id= 18622116055'

and I get:


{
"access_token": "92...Xz",
"expires_in": 4238,
"restricted_to": [],
"token_type": "bearer"
}

So a few possibilities:



  • Your Box subject id looks more like an enterprise id than a user id, make sire you have the correct user id, or if you want to use the enterprise id (service account) then switch the subject type from user to enterprise.

  • Check you application configurations.


If you want the CCG app to impersonate users you need to have these checked:




Let us know if this helps


Reply