Log in to AnswerLog in to Follow
2020-04-02 21-06-12
Sienna
162Views
8Comments
Solved
SharePoint PostOAuth error: "Invalid client secret is provided"
Question

Our access token for SharePoint has expired so a new client id and client secret have been generated as per the 2 articles referenced below, however when running the POST below, it returns the error description: "Invalid client secret is provided." (The parameters for testing the POST were manually added to the body content using the following format: grant_type=<GrantType>&client_id=<ClientId>&client_secret=<ClientSecret>&resource=<Resource>)

Is anyone able to shed any light on why this might be happening? The client data was generated in the same way as it was when it was first setup.

POST: https://accounts.accesscontrol.windows.net/<TenantId>/tokens/OAuth/2

Reference 1: https://www.ktskumar.com/2017/01/access-sharepoint-online-using-postman/

Reference 2: https://kolaberate.com/Articles/2018/08/22/integrating-sharepoint-with-outsystems/

1
0
17 Oct 2019

Hi Sienna,

After some more searching I found a solution. The problem was the new secret key. We first tried to implement the API in another environment and as that also didn't work the problem is not OutSystems holding information or anything.

The problem is probably in your new key, well actually the encoding of the key. If you have a + char in your key for example, that should be replaced with "%2B". 

Found the information here https://www.outsystems.com/forums/discussion/22572/outsystems-encoding-issue-in-restapi-content-type-application-x-www-form-urlenco/

Regards,

Ruben

See solution in context
0
0
06 Nov 2019

The error message is pretty straightforward and you should try regenerating the secrets.

0
0
22 Oct 2019

We've already done that.  In the end we did a workaround and wrote something in C# to generate it, but we still don't know why the newly generated secret doesn't work.  It was done in exactly the same way as it was previously when it worked before.

1
0
01 Nov 2019

Hi Sienna,

We seem to have the same problem. The calls were successful before. After the client secret expired we created a new one and that works with Postman. So the calls in Postman are succesful, in OutSystems we get the error Invalid client secret is provided.

0
0
06 Nov 2019

Hi Sienna,

After some more searching I found a solution. The problem was the new secret key. We first tried to implement the API in another environment and as that also didn't work the problem is not OutSystems holding information or anything.

The problem is probably in your new key, well actually the encoding of the key. If you have a + char in your key for example, that should be replaced with "%2B". 

Found the information here https://www.outsystems.com/forums/discussion/22572/outsystems-encoding-issue-in-restapi-content-type-application-x-www-form-urlenco/

Regards,

Ruben

0
0
06 Nov 2019

YES, that was the problem - thank you Ruben!!

0
0
07 Nov 2019
0
0
07 Nov 2019

Cool.....I heard it has to do with swagger and that there are a number of encoding differences between postman and swagger.  It would helpful if it could handle both.

0
0
08 Nov 2019

Thanks, you save my life for %2B 

0
0
23 Apr
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.