Error while requesting the token using the OAuth 2.0 authentication

Hi,
I am trying to fetch the data to Tulip connectors from the ERP system using API.
I am using OAuth 2.0 as the authentication.

I have configured the Tulip Connector but unable fetch/generate the Token (Provided all the relevant info Access token URL, Client ID, Client secret, Scope)

Using the Postman application I am able to generate the token. Also, I am able fetch the data from the ERP. If I key-in the token generated from the Postman in the Tulip connector, I am able to get the data from the ERP in the Tulip connector

I get below error:
" Function Test Error
There was an error while testing the function: [500] OAuthError: OAuth Token Refresh Response Invalid - Error refreshing OAuth token: invalid_request: AADSTS900144: The request body must contain the following parameter: ‘grant_type’. Trace ID: 471aa4bc-185d-4f5f-96bf-1dca929e2a00 Correlation ID: 7f5089c4-b5a5-496c-99e2-88ba1b94c56b Timestamp: 2024-11-05 13:24:28Z "

I have set ‘grant_type’ to “authorization_code”. Still I get the above error, not sure what configuration is missing.

Thanks,
Shrinivas

Hey @Shrinivas.Kandakur ,

I think the issue might be with the format of your request body. (per here and here )
Can you try manually adding Content-Type: application/x-www-form-urlencoded as a header in the connector function? I’ve had it happen sometimes that Tulip may not explicitly state the content-type of the request in a place where the server on the other side expects it, and this causes similar issues.

If this doesn’t work then I would wonder if the body parameter grant_type needs to be in the authorization refresh request, which is handled internally by Tulip. Support could look into that for you.

1 Like

Hi @Shrinivas.Kandakur,

Which ERP are you trying to connect to?
You should not have to manually set the grant_type parameter. This should be handled by Tulip in the OAuth2 configuration.

Does this connection prompt the OAuth2.0 user sign in for your ERP, and is the sign in successful?
If not successful, is the OAuth2.0 sign in successful when the 3 checkboxes are unchecked?

Send token request data as JSON

Send authentication header

Use custom prompt header.

Thank you,
Damiana Gonzales

1 Like

Hi @d.gonzales,

I am trying to connect Oracle ERP.
Initially, I didn’t set the grant_type parameter. As I was getting the error, hence I added the grant_type parameter manually.
In have configured the OAuth2.0 with client credentials (This method was preferred by the client)
I tried to by unchecking, still communication is unsuccessful:

  1. Send token request data as JSON
  2. Send authentication header
  3. Use custom prompt header.

@d.gonzales ,

Instead of passing the parameters from “Environment Settings” page.

I tried to pass the parameters like grant_type, client_id, client_secret, Scope, from the Connector Function “Request Body”. With this method I was able to establish the communication with ERP and fetch the “Token”

Thanks,
Shrinivas

Thank you for the details, @Shrinivas.Kandakur.

This is interesting. According to RFC 6749, section 4.4.2, instead of the grant_type=authorization_code, the following grant_type is required.

grant_type
REQUIRED. Value MUST be set to “client_credentials”.

I work here at Tulip as a Solution Engineer, so I only use from the front end; however, I believe this is the specification our team used to configure the OAuth2.0 Client Credentials Connector support.

My recommendation would be to check with your IT and ensure either Oracle ERP or the IdP used is following this same OAuth2.0 specification.
Or, you may also submit a Tulip Support ticket and they should be able to investigate further.

Thank you,
Damiana Gonzales

Hello @Shrinivas.Kandakur, I’m also facing the same problem with different ERP. Have you guys figured out the solution for the issue. If you have found the solution, I would like you to help me with the issue.

Thank you
Kousik

Hi @Kousikdh and @lpascoe … I was able to resolve the issue…
Find the below configurations to resolve the issue:

  1. In the Tulip Connector, I have selected the Authentication Type as OAuth 2.0 (Bearer Token)

  2. I have configured 2 functions in the connector, 1) To Fetch the Token 2) To get the production data

  3. In the request body of the connector Function (to fetch the Token), I have configured the " grant_type " as " client_credentials " and added other details like “client_id” , “client_secret” and “scope” (which are mandatory fields for the OAuth2.0 authentication)

  4. Another function to fetch the production data, Request Headers are configured with “Subscription Key” and “Authorization”

Thanks,
Shrinivas

1 Like

Thanks @Shrinivas.Kandakur for sharing your solution here! Very helpful :slight_smile: