Always getting "access_denied" error in access token api /oauth/token even if all credentials are correct

Here's a Node.js server error insight.

Hey @radhe thanks for stopping by the community, just wanted to check is this for the VideoAsk API?

Hello @Grace, thanks for asking, Yes, it’s for a VideoAsk API and here’s URL:  https://auth.videoask.com/oauth/token

Thanks for confirming @radhe let me take this to the experts and find out what the issue is here

Hi @Grace, any updates on this?

Hi @radhe sorry for the delay, let me chase them up now and see if they’ve got to the bottom of the issue!

Hi @radhe our developers have asked for some more information from you:

• Requests done

• Order of request

• Parameters used

Would you be able to share these?

Hello @Grace sorry for the delay in response, here you go.

Step 1: I'm calling the API to get the Temporary Authorization Code

Request URL: https://auth.videoask.com/authorize?response_type=code&audience=https://api.videoask.com/&client_id={client_id}&scope=openid%20profile%20email&redirect_uri=https://api.impacterpathway.com

Request Type: GET

Step 2: After obtaining the Temporary Authorization Code, I'm making a call for Access and Refresh Tokens.

Request URL: https://auth.videoask.com/oauth/token

Request Type: POST

Request Payload:

{ "grant_type": "authorization_code", "client_id": "{your_client_id}", "client_secret": "{your_client_secret}", "code": "{temporary_authorization_code}", "redirect_uri": "https://api.impacterpathway.com"

Step 1 is successful in obtaining the Temporary Authorization Code, but I'm struggling to get the Access and Refresh Tokens in step 2.

Let me know if you require further assistance. Thanks!

Thanks @radhe I’ve passed it over to the engineers to look into - will keep you posted!

Hi @radhe it looks like this is a bug, the engineers are investigating and as soon as I have another update I will post it here

Hey @Grace, any new updates on this?

Hi @radhe sorry for the radio silence, I know the team were working on it but I don’t think they have a fix yet - let me chase them!

Hi @Grace, just checking in for an update on this matter?

Hi @radhe it’s still being worked on, I don’t have an update yet but as soon as I do I will let you know 🙏

Hi @radhe the team are doing some testing and everything is working fine for them, so they want to check you have the required parameters that need to be sent in the oauth/token request. 

Can you confirm/double check the following are correct:

1. code with the temporary code obtained from the previous authorization link

2. client_id do you have more than one developer app?

3. client_secret 

4. grant_type (this looks correct)

5. code the temporary code is obtained from the redirect_uri after calling authorize as a query param https://your-example-app.com/callback?code={temporary_authorization_code}

If this is all setup correctly, we may need move this conversation over to an email thread so they developers can get some more log information from you.

Hi @radhe would you be able to provide some more information for our team to continue their investigations? ⬆ 

Hi @radhe I hope you’re doing well! Were you able to solve the issue? Let us know if you still need help!