Struggling to Get Token for REST API in PHP OAuth 2 Client. Have Successfully Tested with Postman

Question

I need to add some functionality to my site to connect via REST to a provider and exchange data. I've used Postman for several years to test these APIs for myself and customers, but this is the first time I have tried to add the functionality to my site.

I've Googled numerous sites. I tried a few different things. First I tried the league/oauth2-client library. The requests went through without any errors, but all I received back was a response like this.

JSON response = {"status":"400","timeStamp":"2022-01-22T16:21:19+0000","error":{"errorId":"ea7bc74d-21ca-4503-92ad-3a76b05d7554","message":null,"code":"invalid_request","description":"Cannot generate token. Bad request","details":null}}

So I went to look at other examples. I found this nice and simple code from
UC San Diego Example for Client Credentials. I tried it and got the same type of results. "Cannot generate token. Bad request." For now, I like the simple option of the UCSD example if I can make it work.

As I said, I can successfully make this request and use the API all day long in Postman. So I know the Client ID, Client Secret, and URL are correct.

Unfortunately, I don't know how to troubleshoot this in PHP. I looked in the server log and I didn't find any errors. I tried to echo something out to see if I could see what was wrong, but I couldn't get the request to echo to the page. I tried using Fiddler to see if I could find the request with no luck.

Here's where I am right now. Any suggestions for what I am missing?

Thanks in advance for your help!

   <?php
 
$token_url = "https://xxxx.xxxxx.com/services/api/oauth2/token";
 
$test_api_url = "https://xxxx.xxxxx.com/services/api/x/users/v2/employees/12345";
 
//  client (application) credentials on xxxx.xxxxxx.com
$client_id = "xxxxxxxxxxx";
$client_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
  
 
$access_token = getAccessToken();
$resource = getResource($access_token);

echo "</br>access_token = " . $access_token;
echo "</br>resource = " . $resource;
 
 
 
//  step A, B - single call with client credentials as the basic auth header
//      will return access_token
function getAccessToken() {
    global $token_url, $client_id, $client_secret;
 
    $content = "grant_type=client_credentials";
    $authorization = base64_encode("$client_id:$client_secret");

    $header = array("Authorization: Basic {$authorization}","Content-Type: application/x-www-form-urlencoded");
 
    $curl = curl_init();
    curl_setopt_array($curl, array(
        CURLOPT_URL => $token_url,
        CURLOPT_HTTPHEADER => $header,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $content
    ));
    
    $response = curl_exec($curl);
    curl_close($curl);
 
    echo "</br>JSON response = " . $response;
    
    return json_decode($response)->access_token;
}
 
//  step B - with the returned access_token we can make as many calls as we want
function getResource($access_token) {
    global $test_api_url;
 
    $header = array("Authorization: Bearer {$access_token}");
 
    $curl = curl_init();
    curl_setopt_array($curl, array(
        CURLOPT_URL => $test_api_url,
        CURLOPT_HTTPHEADER => $header,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_RETURNTRANSFER => true
    ));
    $response = curl_exec($curl);
    curl_close($curl);
 
    return json_decode($response, true);
}
 
?>

Answer 1

So it seems that with a little bit of research and learning on my part the answer to my question was in Postman. Postman includes a feature that will translate your request into any number of code languages.

All I had to do was select the PHP option and copy and paste the results into my project. Boom, there you go. That was easy.

Here's a YouTube video showing how it works. Postman: Import/Export and Generating Code Samples