We are setting up a Terraform pipeline to automate deployments. The goal is to have the pipeline generate its own authentication token rather than relying on a static one that expires every hour.
I tried using the standard OAuth client credentials flow. Here is the cURL command I’m running in the build step:
curl -X POST https://platform.api.nice.incontact.com/oauth2/token
-H ‘Content-Type: application/x-www-form-urlencoded’
-d ‘grant_type=client_credentials&client_id=MY_CLIENT_ID&client_secret=MY_SECRET&scope=::write’
The response is a 401 Unauthorized. The JSON body says “invalid_client”. I double-checked the ID and secret. They are correct. The app has the right scopes assigned in the admin console.
I also tried adding the audience parameter like some docs suggest, but it didn’t help. Is there a specific setting for the API key that needs to be toggled for CI/CD usage? Or am I missing a header? The token generation works fine in Postman manually, just not in the headless script.