AnsweredAssumed Answered

using client id/secret from a different account to authenticate/authorize the user

Question asked by admin guy on Jan 30, 2017
Latest reply on Jan 30, 2017 by Angel Magana

Hello! I have two instances of SugarCRM running and in the first instance, as an Admin, I have created an OAuth key with client ID I1 and client secret S1.


Now when I'm trying to generate an OAuth2 Access token for the second instance, I pass the Admin credentials of the second instance but the client credentials I1/S1 of the first instance. And it doesn't work, throwing the error quoted below.


`{"error":"invalid_client","error_message":"The client credentials are invalid"}`


Is it because when we make a request to the oauth/token endpoint, we should only use one of client_id/secrets that was generated for the 2nd instance? Is there no way to use client credentials belonging to another instance?


What we are trying to achieve is, provision the users for various customers using our product (similar to Okta Identity Service). Each client will be running their own instance of SugarCRM, and our product uses the client id and secret we generated for our own instance of SugarCRM.