API V2 authorization error using APIKEY
As far as I can tell, APIKEY authorization according to:
POST /auth/token HTTP/1.1
Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
grant_type=client_credentials&scope=contacts finances events
simply doesn't work, always returning a "scope xxxx is not available for current client" for every scope I've tried (from the table on the same page).
Is this just completely broken, or something is missing. I note that there is no place in the API for the "application name". I also note that I don't get an "authorization error", as I would get if I use an incorrect base64-encoded API key, so it must be authenticating correctly.
Has *anyone* used APIKEY authentication? If so, does someone have a simple cURL command that proves it works?
The reason was a new line in ‘scope’ value.
To update (and why oh WHY doesn't this forum show dates on these posts!???) the problem was a dangling newline in the POST data. It was confusing because the same dangling newline is in the POST for client_credentials\n, but it didn't complain about this, only when it was on the scope=whatever\n did the call complain.
Well, it turns out that *omitting* the scope parameter succeeds in getting back an access token -- although the returned "AvailableScopes" array is empty.
How does one create available scopes? And why does the documentation say that "scope=auto" should return all available scopes, when in fact it returns an error?