Hey folks,
Stuck on a weird auth issue with our internal Python script. Trying to grab an access token using the Client Credentials flow so we can hit the /api/v2/interaction/configs endpoint without user context. The docs say to POST to /oauth/token with grant_type set to client_credentials.
Here’s the snippet:
import requests
import base64
url = "https://api.mypurecloud.com/oauth/token"
headers = {
"Content-Type": "application/x-www-form-urlencoded"
}
# Encoding client_id and client_secret
creds = f"{client_id}:{client_secret}"
encoded = base64.b64encode(creds.encode()).decode()
headers["Authorization"] = f"Basic {encoded}"
payload = {
"grant_type": "client_credentials"
}
response = requests.post(url, headers=headers, data=payload)
print(response.status_code)
print(response.json())
Getting a 401 Unauthorized back. The response body just says {"error":"invalid_grant"}. We’ve double-checked the app credentials in the developer portal and they look fine. Also confirmed the app has the necessary scopes assigned.
Is there something obvious I’m missing with the header format? Or maybe the base64 encoding is off? Feels like it should be straightforward but it’s not working.