https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/253222#M3317 <P>I have a similar issue:<BR /><BR />curl --location --request POST '<A href="https://sso.dynatrace.com/sso/oauth2/token" target="_blank">https://sso.dynatrace.com/sso/oauth2/token</A>' \<BR />--header 'Content-Type: application/x-www-form-urlencoded' \<BR />--data-urlencode 'grant_type=client_credentials' \<BR />--data-urlencode 'client_id=&lt;client id&gt;' \<BR />--data-urlencode 'client_secret=&lt;secret&gt;' \<BR />--data-urlencode 'resource=urn:dtaccount:&lt;account-UUID&gt;' \<BR />--data-urlencode 'scope=app-engine:apps:install app-engine:apps:run'<BR /><BR />{"errorCode":400,"message":"Bad Request","issueId":"K4DTL7WN6UVPGAM6","error":"invalid_request","error_description":""}%</P> Tue, 13 Aug 2024 08:50:17 GMT DaveOps 2024-08-13T08:50:17Z https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/239216#M2975 <P>Hi, i am using the below details to pull back a token (removed the OAuth details), but we get a badrequest 400 back with this body and no idea what the issue is.&nbsp;<BR /><BR />Input:<BR />Headers:<BR /><SPAN>{ "Content-Type": "application/x-www-form-urlencoded" }</SPAN><BR />Body:<BR /><SPAN>{ "grant_type": "client_credentials", "client_id": "*.*", "client_secret": "*", "scope": "account-idm-read account-idm-write", "resource": "*" }</SPAN><BR /><BR />Response:</P><DIV><DIV><SPAN>{</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"statusCode"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>400</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"headers"</SPAN><SPAN>:&nbsp;{</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Date"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"Thu,&nbsp;07&nbsp;Mar&nbsp;2024&nbsp;11:37:34&nbsp;GMT"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Connection"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"keep-alive"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Set-Cookie"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"AWSALB=Y/NaFryc7SsOf2MxmkuwVVGJHxLU0p1XrWOiQojtDSqMWV0Qpx1qJWiAnEeifSLvCTtoMDBm2y0imRXrVh6tYhSfuwa6POX513NQjP/torNLEuMp/3N6QPpqefJA;&nbsp;Expires=Thu,&nbsp;14&nbsp;Mar&nbsp;2024&nbsp;11:37:34&nbsp;GMT;&nbsp;Path=/,AWSALBCORS=Y/NaFryc7SsOf2MxmkuwVVGJHxLU0p1XrWOiQojtDSqMWV0Qpx1qJWiAnEeifSLvCTtoMDBm2y0imRXrVh6tYhSfuwa6POX513NQjP/torNLEuMp/3N6QPpqefJA;&nbsp;Expires=Thu,&nbsp;14&nbsp;Mar&nbsp;2024&nbsp;11:37:34&nbsp;GMT;&nbsp;Path=/;&nbsp;SameSite=None;&nbsp;Secure,dtCookie=v_4_srv_14_sn_DA589D2531938B2A2F384294FD5F1308_perc_100000_ol_0_mul_1_app-3A98ef57ca1ba5392b_1_rcs-3Acss_0;&nbsp;Path=/;&nbsp;Domain=.dynatrace.com;&nbsp;secure"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Server-Timing"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"dtRpid;desc=\"-524315565\",&nbsp;dtSInfo;desc=\"0\""</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"X-OneAgent-JS-Injection"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"true"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"X-Frame-Options"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"DENY"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Frame-Options"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"deny"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"X-XSS-Protection"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"1;&nbsp;mode=block"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"X-Content-Type-Options"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"nosniff"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Content-Security-Policy"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"default-src&nbsp;'self'&nbsp;<A href="https://static.sso.dynatrace.com&nbsp;https://dt-cdn.net" target="_blank">https://static.sso.dynatrace.com&nbsp;https://dt-cdn.net</A>;&nbsp;script-src&nbsp;'self'&nbsp;'unsafe-inline'&nbsp;<A href="https://static.sso.dynatrace.com" target="_blank">https://static.sso.dynatrace.com</A>;&nbsp;frame-ancestors&nbsp;'none';&nbsp;form-action&nbsp;http:&nbsp;https:;&nbsp;report-uri&nbsp;<A href="https://report-csp.internal.dynatracelabs.com/sso2.0" target="_blank">https://report-csp.internal.dynatracelabs.com/sso2.0</A>"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"X-Content-Security-Policy"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"default-src&nbsp;'self'&nbsp;<A href="https://static.sso.dynatrace.com&nbsp;https://dt-cdn.net" target="_blank">https://static.sso.dynatrace.com&nbsp;https://dt-cdn.net</A>;&nbsp;script-src&nbsp;'self'&nbsp;'unsafe-inline'&nbsp;<A href="https://static.sso.dynatrace.com" target="_blank">https://static.sso.dynatrace.com</A>;&nbsp;frame-ancestors&nbsp;'none';&nbsp;form-action&nbsp;http:&nbsp;https:;&nbsp;report-uri&nbsp;<A href="https://report-csp.internal.dynatracelabs.com/sso2.0" target="_blank">https://report-csp.internal.dynatracelabs.com/sso2.0</A>"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Strict-Transport-Security"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"max-age=31536000;&nbsp;preload"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Pragma"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"no-cache"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Cache-Control"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"no-store,&nbsp;must-revalidate,&nbsp;no-cache"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"issueId"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"25EDJDCEXJAZAG5I"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Content-Type"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"application/json;&nbsp;charset=utf-8"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"Content-Length"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"70"</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;},</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"body"</SPAN><SPAN>:&nbsp;{</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"errorCode"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>400</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"message"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"Bad&nbsp;Request"</SPAN><SPAN>,</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</SPAN><SPAN>"issueId"</SPAN><SPAN>:&nbsp;</SPAN><SPAN>"25EDJDCEXJAZAG5I"</SPAN></DIV><DIV><SPAN>&nbsp;&nbsp;&nbsp;&nbsp;}</SPAN></DIV><DIV><SPAN>}</SPAN></DIV></DIV> Thu, 07 Mar 2024 11:42:19 GMT https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/239216#M2975 Frazzle 2024-03-07T11:42:19Z https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/241730#M3017 <P>Hi&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/73096">@Frazzle</a>&nbsp;,</P><P>you may have missed a the first bit in the resource filed.</P><P>try it like this:</P><LI-CODE lang="markup">curl --location --request POST 'https://sso.dynatrace.com/sso/oauth2/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'client_id=dt0s02.*' \ --data-urlencode 'client_secret=dt0s02.*.*' \ --data-urlencode 'resource=urn:dtaccount:&lt;your-account-id&gt;' \ --data-urlencode 'scope=account-idm-read account-idm-write'</LI-CODE><P>&nbsp;</P> Wed, 03 Apr 2024 12:37:58 GMT https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/241730#M3017 mark_bley 2024-04-03T12:37:58Z https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/253222#M3317 <P>I have a similar issue:<BR /><BR />curl --location --request POST '<A href="https://sso.dynatrace.com/sso/oauth2/token" target="_blank">https://sso.dynatrace.com/sso/oauth2/token</A>' \<BR />--header 'Content-Type: application/x-www-form-urlencoded' \<BR />--data-urlencode 'grant_type=client_credentials' \<BR />--data-urlencode 'client_id=&lt;client id&gt;' \<BR />--data-urlencode 'client_secret=&lt;secret&gt;' \<BR />--data-urlencode 'resource=urn:dtaccount:&lt;account-UUID&gt;' \<BR />--data-urlencode 'scope=app-engine:apps:install app-engine:apps:run'<BR /><BR />{"errorCode":400,"message":"Bad Request","issueId":"K4DTL7WN6UVPGAM6","error":"invalid_request","error_description":""}%</P> Tue, 13 Aug 2024 08:50:17 GMT https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/253222#M3317 DaveOps 2024-08-13T08:50:17Z https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/255363#M3375 <P>To resolve the issue, <STRONG>generate a new OAuth Client</STRONG>.</P><P>In my case, the OAuth Client was dormant because it was created by a colleague who is no longer active in my Dynatrace account, resulting in the following response.</P><P>{ "errorCode": 400, "message": "Bad Request", "issueId": "XXXXXXXXXXX", "error": "invalid_request", "error_description": "" }</P><P>&nbsp;</P><P>Here's the working cURL command/request body for your reference:</P><P>curl --location '<A href="https://sso.dynatrace.com/sso/oauth2/token" target="_blank">https://sso.dynatrace.com/sso/oauth2/token</A>' \<BR />--header 'Content-Type: application/x-www-form-urlencoded' \<BR />--data-urlencode 'grant_type=client_credentials' \<BR />--data-urlencode 'client_id=&lt;your-Client-ID&gt;' \<BR />--data-urlencode 'client_secret=&lt;your-Client-secret&gt;' \<BR />--data-urlencode 'resource=urn:dtaccount:&lt;your-account-UUID&gt;' \<BR />--data-urlencode 'scope=iam-policies-management account-idm-read account-idm-write'</P> Tue, 10 Sep 2024 16:40:38 GMT https://community.dynatrace.com/t5/Dynatrace-API/Testing-OAuth-to-get-token/m-p/255363#M3375 shivamagnihotri 2024-09-10T16:40:38Z