{“error”:”invalid_grant”,”error_description”:”authentication failure”}

I know this must have been posted here and I’ve tried the solutions I’ve searched across the web but I am still getting the error

{"error":"invalid_grant","error_description":"authentication failure"}

when I try to perform a cURL request to my dev org.

I’ve configured the connected app as follows:

  • Relaxed IP Restrictions
  • Allowed users to self authorize

System admin profile:

  • tried to made sure the connected app is added to my profile
  • tried to add my ip on the login ip range just to see and removed it

Built my cURL request from a Mac terminal:

curl -v https://ap15.salesforce.com/services/oauth2/token 
-d "grant_type=password" 
-d "client_id=xxxxx" 
-d "client_secret=xxxxx" 
-d "username=xxxxx" 
-d "password=xxxxx"

Or (password with security token)

curl -v https://ap15.salesforce.com/services/oauth2/token 
-d "grant_type=password" 
-d "client_id=xxxxx" 
-d "client_secret=xxxxx" 
-d "username=xxxxx" 
-d "password=xxxxxSECURITYTOKEN"

Or (variations of the domain)

curl -v https://login.salesforce.com/services/oauth2/token 
-d "grant_type=password" 
-d "client_id=xxxxx" 
-d "client_secret=xxxxx" 
-d "username=xxxxx" 
-d "password=xxxxx"
curl -v https://<specificorgdomain>/services/oauth2/token 
-d "grant_type=password" 
-d "client_id=xxxxx" 
-d "client_secret=xxxxx" 
-d "username=xxxxx" 
-d "password=xxxxx"

I tried to incorrectly send a wrong client secret, and it would say invalid client credential, so I verified that those were correct and that it fails on authentication without any clear message. There isn’t anything I can find around in Salesforce looking for those, and I would like to ask if there’s anyone who got around this issue.

I’ve tried sending and was able to get response from POSTMAN as well, but for cURL it does not work. I’m not sure if this is a Salesforce issue or a Mac Terminal issue or any configuration that would need to be made.

Please advise, thank you in advance!

Answer

Happened to me too. I guess it’s got to do with encoding, so this format worked for me:

curl --location --request POST 'https://login.salesforce.com/services/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=xxxx' \
--data-urlencode 'password=xxxx' \
--data-urlencode 'client_id=xxxx' \
--data-urlencode 'client_secret=xxxx'

Attribution
Source : Link , Question Author : nekmancer , Answer Author : markgarg

Leave a Comment