I’m completely stumped as to why my Java service is receiving a 401 Unauthorized response when attempting to acquire an access token via the client_credentials grant. I am constructing the request using the standard Apache HttpComponents library, ensuring the Content-Type header is strictly set to application/x-www-form-urlencoded.
Here is the relevant portion of my code where I build the entity and execute the POST to the NICE CXone OAuth endpoint. The client_id and client_secret are verified correct in the portal, yet the response body consistently returns a generic ‘invalid_client’ error message without further detail.
HttpPost post = new HttpPost("https://api.nice.incontact.com/oauth2/token");
post.setHeader("Content-Type", "application/x-www-form-urlencoded");
StringEntity entity = new StringEntity("grant_type=client_credentials&scope=api");
post.setEntity(entity);
CloseableHttpResponse response = client.execute(post);
I have attempted adding the client credentials directly into the Authorization header as a Basic auth string, but that yields the same result. Is there a specific formatting requirement for the request body or headers that the CXone API enforces differently than standard OAuth 2.0 implementations?