This API does not support client credentials for authorization

Hello, I am attempting to update to the OAuth from the JWT and ran into a problem. I have created a server-to-server-oauth app and have the keys. I can retrieve a token but when I try to use the token, it returns the error, “This API does not support client credentials for authorization.”

From what I can find in the forums, I need to change the grant type from “client_credentials” to “account_credentials”. However, that returns “invalid request”

This is in PHP, and I am using the package “league/oauth2-client” to get the token.

I am attempting to salvage the existing code base which uses Guzzle, and get a token and attach that to the Guzzle requests.

The code is rather simple,

$provider = new \League\OAuth2\Client\Provider\GenericProvider(
‘clientId’ => ‘…’, // The client ID assigned to you by the provider
‘clientSecret’ => ‘…’, // The client password assigned to you by the provider
‘redirectUri’ => ‘’,
‘urlAccessToken’ => ‘’,

$accessToken = $provider->getAccessToken('client_credentials');

This does work as I do receive a token, but I can’t seem to access the endpoints with it.

An example endpoint, users/[email]/webinars, to just receive a list of webinars.

Am I missing something?

  1. Please make sure that you are using a server to server Oauth app and not a user authorized oauth app
  2. Please remove the redirect_url query parameter
  1. I created the app in the marketplace and it said server to server oauth. I don’t see anything about this being a user oauth app.
  2. ah ok. Still doesn’t give me a valid token

Can you try using a tool like postman to see if you are able to receive a token with the same credentials?

I wasn’t able to get postman to make a successful token request. It just keeps giving an error, "Invalid redirect: (4,700) " that I was not able to find a solution for.

whats the base url that you are using?

it should be something like:

To request the token, ‘’, then, ‘’ as the base for the client request.

I just tried postman with the bearer token I got and I received the same error message about not being authorized.

Is a valid API path?

the link you provided returns a error, " Invalid response received from Authorization Server."

I was not able to get it to work with Guzzle, because of some kind of header bug.

I used this command as a basis for this request.

curl -X POST -d 'grant_type=account_credentials' -d 'account_id=#ID#' -H 'Host:' -H 'Authorization: Basic ##base64_string##'

taken from, Server-to-Server OAuth

Once I had the correct keys in that command, I was able to get a token and then use Postman to test a request. Everything worked.

I posted a bug report on Guzzle, Host Header · Issue #3176 · guzzle/guzzle · GitHub if you want to see the Guzzle code.

I was able to make it work using Curl,

$curl = curl_init();

    curl_setopt($curl, CURLOPT_URL, '');
    curl_setopt($curl, CURLOPT_POST, true);

    $data = array(
        'grant_type' => 'account_credentials',
        'account_id' => $account_id
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

// $r is base_64encode string... I was not able to make it work If I actually put an array for the 
    authorization header it would fail but if it did it like this it worked

    $headers = array(
        'Host' => '',
        "Authorization: Basic $r"
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

    $response = curl_exec($curl);



Anyway, hope this helps someone in the future.

This is giving me an error php curl
{“reason”:“Invalid client_id or client_secret”,“error”:“invalid_client”}bool(true)