Skip to main content

Code =


function getNewAccessToken(clientId, clientSecret) {


return new Promise((resolve, reject) => {


const options = {


method: ‘POST’,


url: ‘https://api.box.com/oauth2/token’,


headers: {


‘Content-Type’: ‘application/x-www-form-urlencoded’


},


form: {


grant_type: ‘client_credentials’,


client_id: clientId,


client_secret: clientSecret,


box_subject_type: ‘user’,


box_subject_id: ‘8777888766’


}


};



request(options, function (error, response, body) {

if (error) {

reject(error);

} else {

const parsedBody = JSON.parse(body);

if (parsedBody.access_token) {

console.log(parsedBody.access_token);

resolve(parsedBody.access_token);

} else {

reject(parsedBody);

}

}

});



});


}



I am getting the Error


}


{


error: ‘invalid_grant’,


error_description: ‘Grant credentials are invalid’


}



Please provide me a solution of it

Hi @user228 , welcome to the forum!



I do not see anything wrong with your request, here is my attempt:



curl --location 'https://api.box.com/oauth2/token' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--data-urlencode 'grant_type=client_credentials' \

--data-urlencode 'client_id=h5...qi' \

--data-urlencode 'client_secret=Tqb...38' \

--data-urlencode 'box_subject_type=user' \

--data-urlencode 'box_subject_id= 18622116055'



and I get:



{

"access_token": "92...Xz",

"expires_in": 4238,

"restricted_to": [],

"token_type": "bearer"

}



So a few possibilities:





  • Your Box subject id looks more like an enterprise id than a user id, make sire you have the correct user id, or if you want to use the enterprise id (service account) then switch the subject type from user to enterprise.


  • Check you application configurations.




If you want the CCG app to impersonate users you need to have these checked:







Let us know if this helps


Reply