Error 401 Invalid client_id or client_secret

Trying to request access token for oauth 2.0 by POST to /oauth/token ends up here:
“reason”: “Invalid client_id or client_secret”,
“error”: “invalid_client”
I’ve checked client_id and client_secret again and again…
Posting with axios from a node js app. Tested it with Postman - same result

request-parameters: “grant_type=authorization_code&code=xxxxxxx&”,

The xxxxxx in the Authorization of headers is base64 encoded “client_id:client_secret” provided in the generated oauth2-app. redirect_uri is whitelisted

Which App Type (OAuth / Chatbot / JWT / Webhook)?

Which Endpoint/s?

Hi @thomashummer ,

Happy to help. Can you please share the url from the page that’s giving you the invalid client_id or client_secret response?

I also noticed you’re using ngrok to authorize. Are you updating the white list link when you reboot your server/the link changes?

Thank you,

Hi Gianni,
i tried it with ngrok because i had about 100 tries that didn’t work on production-server. Yes i update the whitelist.
My development url is:

Both systems running and whitelisted

Hi @thomashummer ,

Thank you! And to clarify,your Content-Type in the headers is application/x-www-form-urlencoded?

Send the link to this inquiry to and we can coordinate a time to meet so I can look at your set up on the Marketplace App Credentials page and in Postman.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.