We’re building a backend service to fetch CXone recording metadata for New Relic dashboards. The goal is to automate the token retrieval using the client_credentials grant type so we don’t have to manage user sessions. We’ve set up the OAuth client in the CXone portal and generated the credentials. The scope is set to recordings:read.
I’m using Python requests to hit the token endpoint. The request looks correct based on the docs, but I keep getting a 401 Unauthorized. Here’s the code snippet:
import requests
url = "https://platform.mynicecx.com/oauth/token"
headers = {
"Content-Type": "application/x-www-form-urlencoded"
}
params = {
"grant_type": "client_credentials",
"scope": "recordings:read",
"client_id": "my-client-id-here",
"client_secret": "my-secret-here"
}
response = requests.post(url, headers=headers, params=params)
print(response.status_code)
print(response.text)
The response body is:
{
"error": "invalid_client",
"error_description": "Bad client credentials"
}
I’ve double-checked the client ID and secret. They are copied directly from the CXone OAuth client configuration page. I’ve also tried encoding the client_id and client_secret in the Authorization header using Basic Auth instead of passing them as form parameters, but that resulted in the same invalid_client error.
Is there a specific format required for the client credentials in CXone? Or is the client_credentials grant restricted to certain tenant types? We’re on a standard CXone instance. Any help would be appreciated. We need this working to push the recording events to New Relic without manual intervention.