Mautic Community Forums

oAuth 2.0 API authorization

Hi! I’m going to use Mautic API in my project (written in C#). I have an API turned on, I have an API credentials (clientId and client_secret). I’m trying to get the access_token, but I’m not sure I use the correct URL to get it. My URL is ‘https://mautic.infiniteriver.io/api/oauth/v2/token?client_id=%MY_CLIENT_ID%&redirect_uri=localhost&client_secret=%MY_CLIENT_SECRET%&grant_type=authorization_code’ where %MY_CLIENT_ID% and %MY_CLIENT_SECRET% are from ‘Credentials’ page. And I’m getting response

Code:
{"error":"access_denied","error_description":"OAuth2 authentication required"}
'. What I'm doing wrong?
Thanks.

Hi! I’m going to use Mautic API in my project (written in C#). I have an API turned on, I have an API credentials (clientId and client_secret). I’m trying to get the access_token, but I’m not sure I use the correct URL to get it. My URL is ‘https://mautic.infiniteriver.io/api/oauth/v2/token?client_id=%MY_CLIENT_ID%&redirect_uri=localhost&client_secret=%MY_CLIENT_SECRET%&grant_type=authorization_code’ where %MY_CLIENT_ID% and %MY_CLIENT_SECRET% are from ‘Credentials’ page. And I’m getting response
{"error":"access_denied","error_description":"OAuth2 authentication required"} '. What I’m doing wrong?
Thanks.

I’m thinking your biggest issue is the redirect_uri.

Take a look at:

https://github.com/mautic/api-library

And specifically, run the tester:
https://github.com/mautic/api-library/tree/master/apitester

If you run the tester you’ll see the callback URL is automatically configured to the location of the script:

You’ll need to plug that into the keys you generate so when the request is signed properly.

You mean, I have to set redirect_uri just like from ‘Credentials’ window? If yes - it doesn’t help:( And about api tester, it also requires OAuth2 authentication, so request ‘https://mautic.infiniteriver.io/api-library/apitester/’ shows the same response

{"error":"access_denied","error_description":"OAuth2 authentication required"}

And you’re certain you’ve got the API mode set to Oauth 2 in Mautic’s config?

Yes, sure. I’ve checked all configuration I have, api is turned on, and mode is oAuth2

Hm. Try clearing you cache after saving to make sure the setting change took place properly. Also are you running 1.0.4 yet? It had some changes to the authentication process (mostly for twitter though).

I also read almost all php code related to authorization in api library, but I don’t see any mistakes in my URL (I’m not good in PHP but it looks like I’m doing the same stuff as api lib does)

Cleared all caches. Used Chrome incognito window - all settings are OK. Where can I see the version? Thanks

Sorry when I said cache, I meant mautic cache. You can do that by deleting app/cache from the mautic directory.

Version is in the lower right hand corner of Mautic (on all pages).

Unfortunately, currently I have no access to PC where Mautic hosted. But I changed ‘Path to the cache directory’ from ‘%kernel.root_dir%/cache’ to ‘%kernel.root_dir%/cache1’ and save changes. Is this possible workaround for now? If yes - it didn’t help, same {"error":"access_denied","error_description":"OAuth2 authentication required"}

Hm… I even tried some external tools to get the access_token. Here is one of them

I created test user

and pass id and secret to the service above, and set https://www.runscope.com/oauth_tool/callback as callback url for ‘test’ user’s settings. But no luck, same "error_description":"OAuth2 authentication required"}

Alright so I just did some testing to make sure it was still working and I think that everything worked with the API Tester:

Is there any way you can test with our library tester? I don’t think we’ve tried with Runscope.

I tried your api tester with my mautic instance(you left the url on screenshot), but I get blank response for any requests, so I cannot evaluate if authorization was successful :frowning:

The same behavior when I use oAuth1 authorization.

Hi Dima

Sorry I don’t know whats wrong with it! I still think it is cache related personally.

Just out of curiosity - what happens if you create a free mautic account at mautic.com, create endpoints, and try to authenticate them with your app? See if that works (that will tell us if your app code is functioning correctly). then we can troubleshoot from there.

I have same type of problem. I have to use the Oauth 2 that is required on the site i’m trying to place the Mautic api key on.
i’m adding screen shots to show step1, 2 and 3

Did you figure out what the problem is? I have the same exact problem, I’m trying to authorize and app and I’m getting http 403 error

http://mautic.mydomainexample.com/oauth/v2/authorize?response_type=

There is no “oauth/v2/”

Also in my configuration there is no option to enable oAuth2, this is all very confusing?

I installed the api library from github as described in article https://www.mautic.org/blog/developer/how-to-use-the-mautic-rest-api/

so in my root folder is the /lib folder, what am I doing wrong?

I’ve just went through the same issue. After 3 days of debugging code and trying various ways of firing API calls I believe I’ve found the cause.
The problem is using /api in base URL of Mautic instance. Since in documentation, there is stated that:[quote]“Base API Endpoint: https://your-mautic.com/api”[/quote]
This can lead (mainly API greenhorns like me) to use this point also in authorization process.
The correct URL is without /api as follows: https://your-mautic.com/ from which is constructed https://your-mautic.com/oauth/v2... which is used when obtaining a token.
Maybe more explicit comment in API documentation don't use /api in baseUrl can prevent beginners from repeating the same mistake in future.

Great thanks for providing us with API Tester, I would never debug this without it.

Same here, I can´t connect to Zapier.