Hey everyone,
I’m trying to build a simple Python script to pull some basic adherence data from CXone using the REST API. Since this is a server-side tool running on a cron job, I don’t really need user context, so I figured the client_credentials grant type would be the way to go.
I’ve registered a new API client in the NICE CXone admin console and got the Client ID and Client Secret. The docs say I just need to POST to the token endpoint, but I keep hitting a wall with a 401 Unauthorized error.
Here is the code I’m using:
import requests
client_id = "my-client-id-here"
client_secret = "my-client-secret-here"
# The docs mention this endpoint
url = "https://api.nicecxone.com/oauth2/token"
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": f"Basic {base64.b64encode(f'{client_id}:{client_secret}'.encode()).decode()}"
}
payload = {
"grant_type": "client_credentials"
}
response = requests.post(url, headers=headers, data=payload)
print(response.status_code)
print(response.text)
I’m getting a 401 back. The error JSON says {"error": "invalid_client"}.
I’ve triple-checked the ID and Secret. I even generated a new pair just in case I had a typo. The client is set to confidential and has the api scope enabled. I’m not sure if I need to include the client secret in the body instead of the header, or if there’s something else I’m missing with the CXone auth flow specifically.
Is the Basic auth header the right way to send the credentials for this endpoint? I feel like I’m doing everything the standard OAuth2 docs say, but it’s just not working. Any ideas?
Thanks.