Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'

Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'

Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'
Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'
2024-02-17 13:07:14 - last edited 2024-08-28 16:43:39
Model: OC200  
Hardware Version: V5
Firmware Version: 1.26.3 Build 20230906 Rel.36269

Trying to access the Open API against my hardware OC200 controller, but always get a Client/Secret invalid error.

Following instructions here https://use1-omada-northbound.tplinkcloud.com/doc.html#/home  

 

Tried the Access Token method

  1. call to /authorize/login works, so the CLIENT ID and OMADAC ID must be correct
  2. call to /authorize/code works, and get the authCode, and again CLIENT ID and OMADAC ID must be correct
  3. call to /authorize/token fails, sending the CLIENT SECRET and authCode, and get 'The Client Id Or Client Secret is Invalid'
    • The Client Secret is copy-pasted from the Controller Application Integration page for an application with the Access Token mode

 

Tried the Client method

  • call to /authorize/token
    • The Client Secret is copy-pasted from the Controller Application Integration page for an application with the Client mode
    • curl "https://xxxx:443/openapi/authorize/token?grant_type=client_credentials" -H 'content-type:application/json' -d '{"omadacId": "xxxx", "client_id": "xxxx", "client_secret": "xxxx"}' -X POST -i -k --insecure
    • Always get 'The Client Id Or Client Secret is Invalid'

 

So it looks like both methods always fail for the same reason. As the Access Token validates and uses the Controller Id and Client Id in the first 2 steps, I'm guessing there is something wrong with the Client Secret given on the Controller Application Integration page. 

 

Or is there something else I need to do in order to enable Open API access?

 

 

 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'-Solution
2024-08-28 14:56:48 - last edited 2024-08-28 16:43:39

@MindInTheShadow

 

Sorry just seen this...smiley

 

Yes, the OpenAPI documentation is basically full of errors, and very wrong indeed.

 

However, I got it to work by duplicating most of what I pass as parameters, also in the json payload

 

For LOGIN via {BASEURL}/authorize/token

 

You've got to pass the following as HEADERS:

  • 'content-type': 'application/json'

 

As Request PARAMS:

  • 'grant_type': 'client_credentials',
  • 'client_secret': CLIENT_SECRET
  • 'omadacId': CONTROLLER_ID
  • 'client_id': CLIENT_ID

 

As JSON payload:

  • A dictionary of all the exact same Request PARAMs above.
  • Duplicated!

 

--

 

Same thing applies to most other API calls..

 

 

By the way - OpenAPI support is being DROPPED in v5.15 if you're on the OC200. TPLINK says you must upgrade to the OC300. Extortion!

 

 

Recommended Solution
  1  
  1  
#5
Options
4 Reply
Re:Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'
2024-02-18 07:15:28

  @clogtastic 

 

Hey, need to contact the support team.

 

Just striving to develop myself while helping others.
  0  
  0  
#2
Options
Re:Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'
2024-02-18 13:23:49

  @Virgo thanks! 

 

But I don't have a redirect url specified, and also 

Virgo wrote

  @clogtastic 

 

Hey, need to contact the support team.

 

Client mode doesn't work either. So this is not applicable in those situations I think? 

  0  
  0  
#3
Options
Re:Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'
2024-08-01 18:06:31

  @clogtastic Were you able to solve this issue? I'm having the same problem. I'm following the API documentation to a T

  0  
  0  
#4
Options
Re:Open API - Always get errorCode -44106, 'The Client Id Or Client Secret is Invalid'-Solution
2024-08-28 14:56:48 - last edited 2024-08-28 16:43:39

@MindInTheShadow

 

Sorry just seen this...smiley

 

Yes, the OpenAPI documentation is basically full of errors, and very wrong indeed.

 

However, I got it to work by duplicating most of what I pass as parameters, also in the json payload

 

For LOGIN via {BASEURL}/authorize/token

 

You've got to pass the following as HEADERS:

  • 'content-type': 'application/json'

 

As Request PARAMS:

  • 'grant_type': 'client_credentials',
  • 'client_secret': CLIENT_SECRET
  • 'omadacId': CONTROLLER_ID
  • 'client_id': CLIENT_ID

 

As JSON payload:

  • A dictionary of all the exact same Request PARAMs above.
  • Duplicated!

 

--

 

Same thing applies to most other API calls..

 

 

By the way - OpenAPI support is being DROPPED in v5.15 if you're on the OC200. TPLINK says you must upgrade to the OC300. Extortion!

 

 

Recommended Solution
  1  
  1  
#5
Options