SharePoint PostOAuth error: "Invalid client secret is provided"

Our access token for SharePoint has expired so a new client id and client secret have been generated as per the 2 articles referenced below, however when running the POST below, it returns the error description: "Invalid client secret is provided." (The parameters for testing the POST were manually added to the body content using the following format: grant_type=<GrantType>&client_id=<ClientId>&client_secret=<ClientSecret>&resource=<Resource>)

Is anyone able to shed any light on why this might be happening? The client data was generated in the same way as it was when it was first setup.


Reference 1:

Reference 2:

The error message is pretty straightforward and you should try regenerating the secrets.

We've already done that.  In the end we did a workaround and wrote something in C# to generate it, but we still don't know why the newly generated secret doesn't work.  It was done in exactly the same way as it was previously when it worked before.

Hi Sienna,

We seem to have the same problem. The calls were successful before. After the client secret expired we created a new one and that works with Postman. So the calls in Postman are succesful, in OutSystems we get the error Invalid client secret is provided.


Hi Sienna,

After some more searching I found a solution. The problem was the new secret key. We first tried to implement the API in another environment and as that also didn't work the problem is not OutSystems holding information or anything.

The problem is probably in your new key, well actually the encoding of the key. If you have a + char in your key for example, that should be replaced with "%2B". 

Found the information here




YES, that was the problem - thank you Ruben!!

Cool.....I heard it has to do with swagger and that there are a number of encoding differences between postman and swagger.  It would helpful if it could handle both.