Server-to-Server Access Token Troubleshooting

      Article summary

      Invalid client errors

      • JWT is not valid

      • Client authentication failed

      Invalid request error

      • Grant type is not set

      Invalid scope error

      • Unknown/invalid scope(s): [open]

      Invalid client errors

      The invalid client error appears if the JWT assertion is not correct. This error may occur if:

      • The JWT has expired or is invalid

      • The audience is wrong

      • The client ID is not found

      • The Client_ID or secret is invalid

      JWT is not valid error

      If the ‘JWT expired error’ (shown below) occurs, check the JWT claim values "exp" and "iat". Both values should be in seconds (epoch time), and "exp" should be in the future but less than the server-side configured time (i.e., 24 hrs).

      { 
       "error_description": "JWT has expired or is not valid", 
       "error": "invalid_client" 
      }

      Client authentication failed error

      If the error shown below occurs, follow the steps below to correct it.

      { 
       "error_description": "Client authentication failed", 
       "error": "invalid_client" 
      }

      1. Make sure the realm value is correct.

      2. Make sure the client_id and client_secret used in the JWT are correct.

      3. Make sure that client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer (check for typos or any hidden special characters in the value).

      4. Log the request and carefully check all endpoints, parameter names and values. Check URL-encoded values to make sure they are accurate.

      5. Make sure the correct endpoint is targeted.

      6. If the first five steps do not resolve the error, delete the static values for grant_type, client_assertion_type, scope, realm, etc. and re-add them manually, so that copy and paste cannot introduce invisible special characters.
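
A pre-flight check for the "exp"/"iat" guidance and the hidden-character steps above, added here as an example and not taken from the product's own code. The function names are hypothetical, the 24-hour limit is the value the page gives, and the sample token is constructed and unsigned (the signature is not verified).

```python
import base64
import json
import time

ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
MAX_LIFETIME_S = 24 * 3600  # assumption: the 24 hrs the page gives for the server-side limit

def jwt_claims(token):
    """Decode a compact JWT's payload segment (the signature is not verified)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_times(claims, now=None):
    """Return the problems found in the exp and iat claims."""
    now = int(time.time()) if now is None else now
    problems = []
    for name in ("exp", "iat"):
        value = claims.get(name)
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            problems.append(f"{name} is missing or not a number")
        elif value > 10**11:  # far beyond any current seconds value; milliseconds are ~1.7e12
            problems.append(f"{name} looks like milliseconds, not seconds")
    if not problems and claims["exp"] <= now:
        problems.append("exp is not in the future")
    elif not problems and claims["exp"] - now >= MAX_LIFETIME_S:
        problems.append("exp is beyond the allowed lifetime")
    return problems

def check_params(params):
    """Return the problems found in the decoded form parameters of the token request."""
    problems = []
    for name, value in params.items():
        odd = [f"U+{ord(c):04X}" for c in value if not 0x20 <= ord(c) <= 0x7E]
        if odd or value != value.strip():
            problems.append(f"{name} has hidden or stray characters: {odd or 'whitespace'}")
    if params.get("client_assertion_type") != ASSERTION_TYPE:
        problems.append("client_assertion_type is not the jwt-bearer URN")
    return problems

def sample_jwt(claims):  # constructed, unsigned sample token for the demo below
    seg = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return ".".join([seg({"typ": "JWT"}), seg(claims), "sig"])

if __name__ == "__main__":
    now = int(time.time())
    print(check_times(jwt_claims(sample_jwt({"iat": now * 1000, "exp": (now + 300) * 1000}))))
    print(check_params({"client_assertion_type": ASSERTION_TYPE + "\u200b"}))
```

Pass check_params the decoded values exactly as the client sends them; a zero-width space pasted into a value is reported by code point even though it is invisible in an editor.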

      Invalid request error

      If the error shown below occurs, make sure that grant_type is set and that its value is client_credentials.

      { 
       "error_description": "Grant type is not set", 
       "error": "invalid_request" 
      }

      Invalid scope error

      If the error shown below occurs, check that the scope is set correctly.

      { 
       "error_description": "Unknown/invalid scope(s): [open]", 
       "error": "invalid_scope" 
      }
