We’ve got the reporting service running on an internal VM that needs to hit analytics:report:read without tying up a user session. The client_credentials flow seems right on paper but the POST to /api/v2/oauth/token keeps bombing with a 400. The response body just says invalid_request. We’ve verified the credentials against the admin portal. The client secret contains a % character. We’re sending application/x-www-form-urlencoded. The Python requests lib handles encoding but maybe the scope parameter is the culprit. We’ve tried passing scope=analytics:report:read in the body and also in the headers. Neither works.
The dashboard is stuck. Here’s the request setup:
payload = {
'grant_type': 'client_credentials',
'client_id': 'my_client_id',
'client_secret': 'secret_with_%_char',
'scope': 'analytics:report:read'
}
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
response = requests.post('https://api.mypurecloud.com/api/v2/oauth/token', data=payload, headers=headers)
The latency from Manila is fine. It’s not a timeout. The error comes back instantly. We’ve also checked the IP allowlist. The service IP is whitelisted. Maybe the scope needs to be analytics:conversation:view instead? But the error is on the token endpoint, not the data endpoint. So it’s not a permission issue yet. It’s the auth handshake. We’re scratching our heads. The docs show a cURL example but the Python mapping feels off. Is there a specific format for the client_secret when it has special chars? We’ve tried double encoding. No luck. The dashboard build is blocked.