Authentication Issue Creating Contact with Client Access Token


#1

I’m trying to do some very basic things with the v2 whitelabel and am having consistently reproducible issues. I am able to issue a client access token using the following curl command:

curl -X POST https://www.dwolla.com/oauth/v2/token -H "Content-Type:application/json" -d '{"client_id":"id","client_secret":"secret","grant_type":"client_credentials"}' -v

This properly issues a client access token, per the documentation. Then I attempt to odo a very simple customer addition with the

curl -X POST https://api.dwolla.com/customers -H "Content-Type: application/vnd.dwolla.v1.hal+json" -H "Accept: application/vnd.dwolla.v1.hal+json" -H "Authorization: Bearer my-access-token" -d '{"firstName":"My","lastName":"User","email":"user@test.com"}' -v

No matter what I do, I end up with the following error:

401/{“code”:“InvalidScope”,“message”:“Missing or invalid scopes for requested endpoint.”}

I have verified that my client_id and secret were generated with ALL permissions.

Is this functionality just broken on the v2 whitelabel API?


(Jared Dellitt) #2

Hey @joshe, you actually only need a client access token to call the webhooks and events endpoints. You’ll need an account access token (obtained via OAuth) to create customers and most other things in API v2.


(Jared Dellitt) #3

@joshe, you can also generate a token for your account in your applications list if you’re wanting to use the same account that owns the application to manage your white label customers.