'401 Unauthorized error' when utilizing OAUTH 2.0 Client Credentials in API Explorer

Document ID : KB000004284
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

API Explorer presents a '401 Unauthorized Error' whilst testing APIs in conjunction with the OAuth 2.0 Client Credentials grant type.

Cause:

Per the OAuth 2.0 IETF RFC 'Client Credentials' grant type is only usable with confidential clients.

Resolution:

Edit the published application and change the grant type from public to confidential.

To edit an existing application's grant type:

1. Log in to the CA API Management SaaS Portal

2. On the navigation bar, click Applications.

3. On the Actions menu beside the Application, client Edit.

4. Edit the application grant type:

  • On the Auth tab adjust the type from Public to Confidential.

5. Click Save.

6. Repeat the API Explorer test as outlined in the following the Test and Explore APIs documentation.