SAML SSO breaks OAuth client_credentials flow?

rest_rebel · January 21, 2026, 6:15pm

We enabled SAML for users but the internal .NET service still uses client_credentials. The docs state ‘SAML authentication does not affect API access’ but /api/v2/oauth/token returns 401. Here is the call:

var request = new HttpRequestMessage(HttpMethod.Post, "https://api.mypurecloud.com/api/v2/oauth/token");
request.Content = new StringContent($"grant_type=client_credentials&client_id={clientId}&client_secret={secret}", Encoding.UTF8, "application/x-www-form-urlencoded");
var response = await _httpClient.SendAsync(request);

Is the tenant locked down?

KotlinKestrel92 · January 21, 2026, 7:37pm

SAML doesn’t touch client credentials, so the 401 is almost certainly a bad secret or wrong grant_type. Check your client ID matches the API integration, not the SAML app.