WebService Connector - OAuth with Password grant type

I am getting "Exception occurred in Test Connection. Error: Exception occurred while generating access token: Unable to generate access token. Response returned: {"error":"invalid_client"}“}” while connecting to SaaS application using OAUTH grant type password. I am passing username, password, client_id and client_secret in the request header.

I am able to connect using POSTMAN to the application but for some reason ISC is throwing invalid client error. Using the developer tools, I figured out that access token generated by ISC is not a valid token but not sure why its invalid. Any pointers will help.

Stack Trace
“exception”:{“stacktrace”:“sailpoint.connector.ConnectorException: Exception occurred in Test Connection. Error: Exception occurred while generating access token: Unable to generate access token. Response returned: {"error":"invalid_client"}\n\tat com.sailpoint.ccg.cloud.container.Container.testConnection(Container.java:338)\n\tat com.sailpoint.ccg.cloud.container.ContainerIntegration.ping(ContainerIntegration.java:73)\n\tat com.sailpoint.ccg.handler.TestConnectionHandler.invoke(TestConnectionHandler.java:29)\n\tat sailpoint.gateway.accessiq.CcgPipelineMessageHandler.handleMessage_aroundBody0(CcgPipelineMessageHandler.java:47)\n\tat sailpoint.gateway.accessiq.CcgPipelineMessageHandler$AjcClosure1.run(CcgPipelineMessageHandler.java:1)\n\tat org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:167)\n\tat com.sailpoint.tracing.otel.TracedAspect.lambda$traceExecution$0(TracedAspect.java:34)\n\tat com.sailpoint.tracing.otel.GlobalTracer.trace(GlobalTracer.java:157)\n\tat com.sailpoint.tracing.otel.GlobalTracer.trace(GlobalTracer.java:136)\n\tat com.sailpoint.tracing.otel.GlobalTracer.trace(GlobalTracer.java:124)\n\tat com.sailpoint.tracing.otel.TracedAspect.traceExecution(TracedAspect.java:36)\n\tat sailpoint.gateway.accessiq.CcgPipelineMessageHandler.handleMessage(CcgPipelineMessageHandler.java:36)\n\tat com.sailpoint.pipeline.server.PipelineServer$InboundQueueListener$MessageHandler.run(PipelineServer.java:369)\n\tat java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)\n\tat java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)\n\tat java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)\n\tat java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)\n\tat java.base/java.lang.Thread.run(Thread.java:829)\nCaused by: sailpoint.connector.ConnectorException: Exception occurred in Test Connection. Error: Exception occurred while generating access token: Unable to generate access token. Response returned: {"error":"invalid_client"}\n\tat sailpoint.connector.webservices.v2.WebServiceFacadeV2.testConnection(WebServiceFacadeV2.java:504)\n\tat sailpoint.connector.webservices.WebServicesConnector.testConfiguration(WebServicesConnector.java:112)\n\tat sailpoint.connector.ConnectorProxy.testConfiguration(ConnectorProxy.java:411)\n\tat com.sailpoint.ccg.cloud.container.Container.testConnection(Container.java:331)\n\t… 17 more\n”,“exception_class”:“sailpoint.connector.ConnectorException”,“exception_message”:"Exception occurred in Test Connection. Error: Exception occurred while generating access token: Unable to generate access token. Response returned:

I see invalid_client but depending on the source, that could mean many different things.

I found it helpful to log the request of the test connection so you can fully compare with what is in Postman. Sometimes there are minor differences: params, headers, etc. that must be added or if an input is null, the request will get modified.

Additionally, if you test this in the debugger/postman, you can walk through the code and inspect it with breakpoints.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.