DocuSign authorization code grant flow gets invalid_grant error
The DocuSign documentation goes through an easy to follow authorization flow for code grant. I'm able to get the "code" from the initial GET request to /oath/auth but getting the tokens gives me an error of "invalid_grant" when I try in postman. I've followed the steps and have a request that looks like this using account-d.docusign.com for host:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==
grant_type=authorization_code&code=ey2dj3nd.AAAA39djasd3.dkn4449d21d
Two other members of my team have also tried with their developer accounts and all are getting invalid_grant errors. Is this no longer supported or are there common errors associated with this error that we might be able to investigate?
docusignapi
asked Oct 5 '16 at 18:33
welc0199welc0199
214
add a comment |
The DocuSign documentation goes through an easy to follow authorization flow for code grant. I'm able to get the "code" from the initial GET request to /oath/auth but getting the tokens gives me an error of "invalid_grant" when I try in postman. I've followed the steps and have a request that looks like this using account-d.docusign.com for host:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==
grant_type=authorization_code&code=ey2dj3nd.AAAA39djasd3.dkn4449d21d
Two other members of my team have also tried with their developer accounts and all are getting invalid_grant errors. Is this no longer supported or are there common errors associated with this error that we might be able to investigate?
docusignapi
asked Oct 5 '16 at 18:33
welc0199welc0199
214
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16
add a comment |
The DocuSign documentation goes through an easy to follow authorization flow for code grant. I'm able to get the "code" from the initial GET request to /oath/auth but getting the tokens gives me an error of "invalid_grant" when I try in postman. I've followed the steps and have a request that looks like this using account-d.docusign.com for host:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==
grant_type=authorization_code&code=ey2dj3nd.AAAA39djasd3.dkn4449d21d
Two other members of my team have also tried with their developer accounts and all are getting invalid_grant errors. Is this no longer supported or are there common errors associated with this error that we might be able to investigate?
docusignapi
asked Oct 5 '16 at 18:33
welc0199welc0199
214
The DocuSign documentation goes through an easy to follow authorization flow for code grant. I'm able to get the "code" from the initial GET request to /oath/auth but getting the tokens gives me an error of "invalid_grant" when I try in postman. I've followed the steps and have a request that looks like this using account-d.docusign.com for host:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==
grant_type=authorization_code&code=ey2dj3nd.AAAA39djasd3.dkn4449d21d
Two other members of my team have also tried with their developer accounts and all are getting invalid_grant errors. Is this no longer supported or are there common errors associated with this error that we might be able to investigate?
docusignapi
docusignapi
asked Oct 5 '16 at 18:33
welc0199welc0199
214
asked Oct 5 '16 at 18:33
welc0199welc0199
214
asked Oct 5 '16 at 18:33
welc0199welc0199
214
asked Oct 5 '16 at 18:33
welc0199welc0199
214
asked Oct 5 '16 at 18:33
welc0199welc0199
214
214
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16
add a comment |
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16
add a comment |
2 Answers
2
active
oldest
votes
Re-check all of your values.
I was also getting the same invalid_grant response and could not figure out why at first. It turns out that I had a typo in the Content-Type header. I was using application/x-www-form-urlencode instead of application/x-www-form-urlencoded.
You may not be, but if you are submitting the exact Authorization Header as you've posted it here in your question (MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==) it will fail with that message.
That is the base64 value for the sample integration key and sample secret key provided in their documentation. If you decode that string with an online base64decoder it will result in 230546a7-9c55-40ad-8fbf-af205d5494ad:3087555e-0a1c-4aa8-b326-682c7bf276e9. This is the same sample integration key and secret in the documentation.
Check the Authorization header you are submitting by encoding your integration key and secret (integrationKey:secret) using this online base64encoder. This will make sure the issue isn't with your base64 encoding of your integration key and secret. Once you have that value make sure your Authorization uses the word Basic before the value you got from this website. (Basic base64stringFromOnlineEncoder)
Check that the code your are submitting in the body of the post is not the sample code from their documentation. ey2dj3nd.AAAA39djasd3.dkn4449d21d is the sample code from their documentation. You may just be using that in your question as a placeholder but if you are submitting any of those values it will return invalid_grant. Make sure that the body of your post does not have any leading or trailing spaces.
- Have the correct Content-Type set application/x-www-form-urlencoded
- Have the correct Authorization header set Basic base64EncodedIntegrationKey:Secret
- Have the correct body using the valid code received from the GET request to /oauth/auth with no leading or trailing spaces, making sure you're not using the values from your question.
If you are still having trouble and you are not doing a user application but are doing a service integration you can use Legacy Authentication to get your oAuth2 token.
Alternative Method using Legacy Authentication for Service Integrations
This method does not use a grant code. You pass in the integration key, username and password into the X-DocuSign-Authentication header in JSON format.
Demo Server: demo.docusign.net
Production Server: www.docusign.net API
Version: v2
POST https://{server}/restapi/{apiVersion}/oauth2/token
Content-Type: application/x-www-form-urlencoded
X-DocuSign-Authentication: {"IntegratorKey":"your_integrator_key","Password":"docusign_account_password","Username":"docusign_account_username"}
grant_type=password&client_id=your_integrator_key&username=docusign_account_username&password=docusign_account_password&scope=api
If you are building a user application that requires the user enter their docusign credentials to generate the token, this alternative will not work for you.
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
add a comment |
In my case the problem was related to having set a wrong value for Content-Type header, namely "application/x-www-form-URIencoded" instead of the correct "application/x-www-form-urlencoded". Note though that in my case the problem was not a "typo" but an excessive trust in DocuSign documentation.
Indeed the wrong Content-Type is, at the time of writing, suggested directly into the documentation page where they describe the Authorization Code Grant workflow, see the image below for the relevant part.
Hopefully they will fix the documentation soon but for the time being be careful not to blindly copy & paste the code from their examples without thinking, as I initially did.
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f39881341%2fdocusign-authorization-code-grant-flow-gets-invalid-grant-error%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Re-check all of your values.
I was also getting the same invalid_grant response and could not figure out why at first. It turns out that I had a typo in the Content-Type header. I was using application/x-www-form-urlencode instead of application/x-www-form-urlencoded.
You may not be, but if you are submitting the exact Authorization Header as you've posted it here in your question (MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==) it will fail with that message.
That is the base64 value for the sample integration key and sample secret key provided in their documentation. If you decode that string with an online base64decoder it will result in 230546a7-9c55-40ad-8fbf-af205d5494ad:3087555e-0a1c-4aa8-b326-682c7bf276e9. This is the same sample integration key and secret in the documentation.
Check the Authorization header you are submitting by encoding your integration key and secret (integrationKey:secret) using this online base64encoder. This will make sure the issue isn't with your base64 encoding of your integration key and secret. Once you have that value make sure your Authorization uses the word Basic before the value you got from this website. (Basic base64stringFromOnlineEncoder)
Check that the code your are submitting in the body of the post is not the sample code from their documentation. ey2dj3nd.AAAA39djasd3.dkn4449d21d is the sample code from their documentation. You may just be using that in your question as a placeholder but if you are submitting any of those values it will return invalid_grant. Make sure that the body of your post does not have any leading or trailing spaces.
- Have the correct Content-Type set application/x-www-form-urlencoded
- Have the correct Authorization header set Basic base64EncodedIntegrationKey:Secret
- Have the correct body using the valid code received from the GET request to /oauth/auth with no leading or trailing spaces, making sure you're not using the values from your question.
If you are still having trouble and you are not doing a user application but are doing a service integration you can use Legacy Authentication to get your oAuth2 token.
Alternative Method using Legacy Authentication for Service Integrations
This method does not use a grant code. You pass in the integration key, username and password into the X-DocuSign-Authentication header in JSON format.
Demo Server: demo.docusign.net
Production Server: www.docusign.net API
Version: v2
POST https://{server}/restapi/{apiVersion}/oauth2/token
Content-Type: application/x-www-form-urlencoded
X-DocuSign-Authentication: {"IntegratorKey":"your_integrator_key","Password":"docusign_account_password","Username":"docusign_account_username"}
grant_type=password&client_id=your_integrator_key&username=docusign_account_username&password=docusign_account_password&scope=api
If you are building a user application that requires the user enter their docusign credentials to generate the token, this alternative will not work for you.
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
add a comment |
Re-check all of your values.
I was also getting the same invalid_grant response and could not figure out why at first. It turns out that I had a typo in the Content-Type header. I was using application/x-www-form-urlencode instead of application/x-www-form-urlencoded.
You may not be, but if you are submitting the exact Authorization Header as you've posted it here in your question (MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==) it will fail with that message.
That is the base64 value for the sample integration key and sample secret key provided in their documentation. If you decode that string with an online base64decoder it will result in 230546a7-9c55-40ad-8fbf-af205d5494ad:3087555e-0a1c-4aa8-b326-682c7bf276e9. This is the same sample integration key and secret in the documentation.
Check the Authorization header you are submitting by encoding your integration key and secret (integrationKey:secret) using this online base64encoder. This will make sure the issue isn't with your base64 encoding of your integration key and secret. Once you have that value make sure your Authorization uses the word Basic before the value you got from this website. (Basic base64stringFromOnlineEncoder)
Check that the code your are submitting in the body of the post is not the sample code from their documentation. ey2dj3nd.AAAA39djasd3.dkn4449d21d is the sample code from their documentation. You may just be using that in your question as a placeholder but if you are submitting any of those values it will return invalid_grant. Make sure that the body of your post does not have any leading or trailing spaces.
- Have the correct Content-Type set application/x-www-form-urlencoded
- Have the correct Authorization header set Basic base64EncodedIntegrationKey:Secret
- Have the correct body using the valid code received from the GET request to /oauth/auth with no leading or trailing spaces, making sure you're not using the values from your question.
If you are still having trouble and you are not doing a user application but are doing a service integration you can use Legacy Authentication to get your oAuth2 token.
Alternative Method using Legacy Authentication for Service Integrations
This method does not use a grant code. You pass in the integration key, username and password into the X-DocuSign-Authentication header in JSON format.
Demo Server: demo.docusign.net
Production Server: www.docusign.net API
Version: v2
POST https://{server}/restapi/{apiVersion}/oauth2/token
Content-Type: application/x-www-form-urlencoded
X-DocuSign-Authentication: {"IntegratorKey":"your_integrator_key","Password":"docusign_account_password","Username":"docusign_account_username"}
grant_type=password&client_id=your_integrator_key&username=docusign_account_username&password=docusign_account_password&scope=api
If you are building a user application that requires the user enter their docusign credentials to generate the token, this alternative will not work for you.
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
add a comment |
Re-check all of your values.
I was also getting the same invalid_grant response and could not figure out why at first. It turns out that I had a typo in the Content-Type header. I was using application/x-www-form-urlencode instead of application/x-www-form-urlencoded.
You may not be, but if you are submitting the exact Authorization Header as you've posted it here in your question (MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==) it will fail with that message.
That is the base64 value for the sample integration key and sample secret key provided in their documentation. If you decode that string with an online base64decoder it will result in 230546a7-9c55-40ad-8fbf-af205d5494ad:3087555e-0a1c-4aa8-b326-682c7bf276e9. This is the same sample integration key and secret in the documentation.
Check the Authorization header you are submitting by encoding your integration key and secret (integrationKey:secret) using this online base64encoder. This will make sure the issue isn't with your base64 encoding of your integration key and secret. Once you have that value make sure your Authorization uses the word Basic before the value you got from this website. (Basic base64stringFromOnlineEncoder)
Check that the code your are submitting in the body of the post is not the sample code from their documentation. ey2dj3nd.AAAA39djasd3.dkn4449d21d is the sample code from their documentation. You may just be using that in your question as a placeholder but if you are submitting any of those values it will return invalid_grant. Make sure that the body of your post does not have any leading or trailing spaces.
- Have the correct Content-Type set application/x-www-form-urlencoded
- Have the correct Authorization header set Basic base64EncodedIntegrationKey:Secret
- Have the correct body using the valid code received from the GET request to /oauth/auth with no leading or trailing spaces, making sure you're not using the values from your question.
If you are still having trouble and you are not doing a user application but are doing a service integration you can use Legacy Authentication to get your oAuth2 token.
Alternative Method using Legacy Authentication for Service Integrations
This method does not use a grant code. You pass in the integration key, username and password into the X-DocuSign-Authentication header in JSON format.
Demo Server: demo.docusign.net
Production Server: www.docusign.net API
Version: v2
POST https://{server}/restapi/{apiVersion}/oauth2/token
Content-Type: application/x-www-form-urlencoded
X-DocuSign-Authentication: {"IntegratorKey":"your_integrator_key","Password":"docusign_account_password","Username":"docusign_account_username"}
grant_type=password&client_id=your_integrator_key&username=docusign_account_username&password=docusign_account_password&scope=api
If you are building a user application that requires the user enter their docusign credentials to generate the token, this alternative will not work for you.
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
Re-check all of your values.
I was also getting the same invalid_grant response and could not figure out why at first. It turns out that I had a typo in the Content-Type header. I was using application/x-www-form-urlencode instead of application/x-www-form-urlencoded.
You may not be, but if you are submitting the exact Authorization Header as you've posted it here in your question (MjMwNTQ2YTctOWM1NS00MGFkLThmYmYtYWYyMDVkNTQ5NGFkOjMwODc1NTVlLTBhMWMtNGFhOC1iMzI2LTY4MmM3YmYyNzZlOQ==) it will fail with that message.
That is the base64 value for the sample integration key and sample secret key provided in their documentation. If you decode that string with an online base64decoder it will result in 230546a7-9c55-40ad-8fbf-af205d5494ad:3087555e-0a1c-4aa8-b326-682c7bf276e9. This is the same sample integration key and secret in the documentation.
Check the Authorization header you are submitting by encoding your integration key and secret (integrationKey:secret) using this online base64encoder. This will make sure the issue isn't with your base64 encoding of your integration key and secret. Once you have that value make sure your Authorization uses the word Basic before the value you got from this website. (Basic base64stringFromOnlineEncoder)
Check that the code your are submitting in the body of the post is not the sample code from their documentation. ey2dj3nd.AAAA39djasd3.dkn4449d21d is the sample code from their documentation. You may just be using that in your question as a placeholder but if you are submitting any of those values it will return invalid_grant. Make sure that the body of your post does not have any leading or trailing spaces.
- Have the correct Content-Type set application/x-www-form-urlencoded
- Have the correct Authorization header set Basic base64EncodedIntegrationKey:Secret
- Have the correct body using the valid code received from the GET request to /oauth/auth with no leading or trailing spaces, making sure you're not using the values from your question.
If you are still having trouble and you are not doing a user application but are doing a service integration you can use Legacy Authentication to get your oAuth2 token.
Alternative Method using Legacy Authentication for Service Integrations
This method does not use a grant code. You pass in the integration key, username and password into the X-DocuSign-Authentication header in JSON format.
Demo Server: demo.docusign.net
Production Server: www.docusign.net API
Version: v2
POST https://{server}/restapi/{apiVersion}/oauth2/token
Content-Type: application/x-www-form-urlencoded
X-DocuSign-Authentication: {"IntegratorKey":"your_integrator_key","Password":"docusign_account_password","Username":"docusign_account_username"}
grant_type=password&client_id=your_integrator_key&username=docusign_account_username&password=docusign_account_password&scope=api
If you are building a user application that requires the user enter their docusign credentials to generate the token, this alternative will not work for you.
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
answered Oct 6 '16 at 6:42
billvsdbillvsd
150110
150110
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
add a comment |
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
1
1
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
Me and my 2 other teammates have double checked our values. We're not using the examples from the document - we're using our own generated integrator key and secret key from our developer accounts. Legacy Authentication is not an option for us.
– welc0199
Oct 7 '16 at 15:31
2
2
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
In that case, you haven't posted enough of your code to provide you with help. Yes it is supported, and I have provided you with common errors to check for, as you have asked for.
– billvsd
Oct 7 '16 at 17:35
2
2
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
integrationKey:secret - it'd be nice if the documentation said that!
– jleach
Feb 27 '18 at 13:39
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
What if in my flow, I don't want to use the auth GET flow for the user to grant access? In that case my only option is the legacy Authentication API? For example in a customer portal where the customer is logging in, we want to the customer to sign the contract in place, there is no DocuSign user to login!
– sam360
May 10 '18 at 0:30
add a comment |
In my case the problem was related to having set a wrong value for Content-Type header, namely "application/x-www-form-URIencoded" instead of the correct "application/x-www-form-urlencoded". Note though that in my case the problem was not a "typo" but an excessive trust in DocuSign documentation.
Indeed the wrong Content-Type is, at the time of writing, suggested directly into the documentation page where they describe the Authorization Code Grant workflow, see the image below for the relevant part.
Hopefully they will fix the documentation soon but for the time being be careful not to blindly copy & paste the code from their examples without thinking, as I initially did.
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
add a comment |
In my case the problem was related to having set a wrong value for Content-Type header, namely "application/x-www-form-URIencoded" instead of the correct "application/x-www-form-urlencoded". Note though that in my case the problem was not a "typo" but an excessive trust in DocuSign documentation.
Indeed the wrong Content-Type is, at the time of writing, suggested directly into the documentation page where they describe the Authorization Code Grant workflow, see the image below for the relevant part.
Hopefully they will fix the documentation soon but for the time being be careful not to blindly copy & paste the code from their examples without thinking, as I initially did.
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
add a comment |
In my case the problem was related to having set a wrong value for Content-Type header, namely "application/x-www-form-URIencoded" instead of the correct "application/x-www-form-urlencoded". Note though that in my case the problem was not a "typo" but an excessive trust in DocuSign documentation.
Indeed the wrong Content-Type is, at the time of writing, suggested directly into the documentation page where they describe the Authorization Code Grant workflow, see the image below for the relevant part.
Hopefully they will fix the documentation soon but for the time being be careful not to blindly copy & paste the code from their examples without thinking, as I initially did.
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
In my case the problem was related to having set a wrong value for Content-Type header, namely "application/x-www-form-URIencoded" instead of the correct "application/x-www-form-urlencoded". Note though that in my case the problem was not a "typo" but an excessive trust in DocuSign documentation.
Indeed the wrong Content-Type is, at the time of writing, suggested directly into the documentation page where they describe the Authorization Code Grant workflow, see the image below for the relevant part.
Hopefully they will fix the documentation soon but for the time being be careful not to blindly copy & paste the code from their examples without thinking, as I initially did.
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
answered Jan 3 at 12:39
Sal BorrelliSal Borrelli
9113
9113
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f39881341%2fdocusign-authorization-code-grant-flow-gets-invalid-grant-error%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I am also able to get the grant code but I am also getting the invalid_grant response when trying to get the post token. I used their sample integrator key and secret to check that the Base64 encoding matched their example in the docs, and it did match. I'm running into the same issue right now and would love to know what the problem is. I'll post an answer for you if I find one.
– billvsd
Oct 6 '16 at 3:16