Cannot get access token in client-credential


I am using Tyk-pro-docker-demo (GitHub - TykTechnologies/tyk-pro-docker-demo: Tyk Pro demo using docker and docker compose, supercedes tyk_quickstart).

I faced an issue in client-credential authentication part (oauth 2.0). Because I have created an API call testAccess using the dashboard, and I chose oauth2.0 → client-credential (picture below):

I also created a policy and then an oauth client:

However, when I tried to get the access token at this endpoint: http://my-tyk-domain/testaccess/oauth/token using post method, I got an error:

I tried to check the logs, and it said:

“Failure retrieving client ID key “oauth-clientid.78b12ac7d9fd4aaea0a703499d1ccf52\n”: key not found”

“[OAuth] OAuth response marked as error” client_id=78b12ac7d9fd4aaea0a703499d1ccf52 org_id=62cfe9f4a0187d0001deccdd response code=403 response error=“The authorization server encountered an unexpected condition that prevented it from fulfilling the request.”

Why I could not get the access token at this endpoint? Is there any step that I missed?


Maan Tarng

@maantarng, Thanks for posting your question here. First of, have you tried following the steps from our docs on how to use oauth 2?

I can replicate your error when using a wrong client_id when encoding to base64 for the Authorization. From the error that you are getting, *“Failure retrieving client ID key “oauth-clientid.78b12ac7d9fd4aaea0a703499d1ccf52\n”: key not found”* it seems that there’s a trailing new line character in your client_id when converting it to base64 that’s why it gets this error.

To resolve this kindly make sure that you are using the correct client_id and client_secret without trailing whitespaces or extra characters.

1 Like

Hi @Page

Yes. Thanks for your help!

In fact I used Postman to do this. And I noticed that there is a new line being added in the client-id.

Once I removed it, it works.

Thanks for your help!


Maan Tarng