Trying to script a simple token fetch for our internal automation tools using Python’s requests library. The goal is to get an access token via the OAuth2 Client Credentials flow so we can push configuration updates later.
The documentation suggests POSTing to /oauth/token with grant_type=client_credentials. I have the client_id and client_secret from the integration settings.
Here is the snippet I am running:
import requests
url = "https://api.mypurecloud.com/oauth/token"
payload = {
"grant_type": "client_credentials"
}
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Accept": "application/json"
}
auth = ("my_client_id", "my_client_secret")
response = requests.post(url, data=payload, headers=headers, auth=auth)
print(response.status_code)
print(response.json())
The response is consistently a 401 Unauthorized. The JSON payload returned is:
{
"error": "invalid_client",
"error_description": "Client authentication failed"
}
I have verified the credentials by pasting them into Postman and it works fine there. The Content-Type header is set correctly. I am using the standard tuple auth method in requests which should handle the Basic Auth encoding.
Is there something specific about the Genesys Cloud endpoint that requires a different header structure? Or perhaps the data parameter needs to be encoded differently before passing to requests? The state drift in our Terraform state is getting worse because we cannot automate the token refresh, so manual intervention is failing us here.