hegr_9613 avatar image
hegr_9613 asked

Oauth2 client credential grant flow not working on VM


I would like to use the Taxonomy API from Ebay via cronjob:

Both in Postman and locally I can generate an Access token.

However, all tokens that I generate locally are rejected:


Both requests (postman and local) appear identical to me:


I have already tried a few things and unfortunately still haven't found a solution.

If I use the Postman access token locally for my other request, everything works fine.

Edit: Request Body was wrong! Postman "scope" and code "scopes".

Kind regards

taxonomy apipostmantaxonomy
requests.png (56.6 KiB)
· 5
10 |600

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

michab2003 avatar image michab2003 commented ·

because sandbox is buggy all the time, try in production to be sure it's not because of anything sandbox related. postman lets you generate code, PHP, curl and more... curl for instance you can use 1:1 in your linux console....

0 Likes 0 ·
hegr_9613 avatar image hegr_9613 michab2003 commented ·

Thanks for the answer.

I changed the parameters to production and got the same result.

Kind regards

0 Likes 0 ·
michab2003 avatar image michab2003 hegr_9613 commented ·

whats the differnece between postman and your "local" ? isn´t postman running locally on your host ?

0 Likes 0 ·
Show more comments

1 Answer

michab2003 avatar image
michab2003 answered

Besides the fact, that a user token is working as well, postman creates this curl request:

curl --location --request POST '' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Accept: application/json' \
--header 'Authorization: Basic xxxxxxxxxxxx' \
--header 'Cookie: dp1=xxxxxxxxx; nonsession=xxxxxxxxxx' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'redirect_uri=<app-RuName-value>' \
--data-urlencode 'scope=' \
--data-urlencode '='

feel free to try..... if this is not working, things that can be wrong:

  • - wrong scopes
  • - wrong generated authorization header
  • - wrong content-type
  • - wrong grant_type
  • - wrong url-encoding

10 |600

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.