CA API Management: Unable to generate tokens using a public client with the client credentials grant type

Document ID : KB000072677
Last Modified Date : 07/03/2018
Show Technical Document Details
Issue:
Despite having verified that the client id and secret are valid you continue to receive the below error:

{
  "error":"invalid_client",
  "error_description":"The given client credentials were not valid"
}

This error will also be noticed in your ssg log:

public client error
Changing to a confidential client does not exhibit this behavior..
Resolution:
This is working as designed and adheres to RFC6749 section 4.4.

"The client credentials grant type MUST only be used by confidential clients."

As public clients have no expectation of securely maintaining a client secret they cannot be used with this grant type.