Not Authorized for OAuth in Sandbox

I’ve been implementing oauth into my application using the “code flow” method. In sandbox, I keep on getting the error

    [message] => Not Authorized
    [type] => service.not_authorized

My obtainToken cURL after getting the authorization code is:

curl \
  -X POST \
  -H 'Square-Version: 2024-04-17' \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "sandbox-sq0idb-EskP8TWnQKx61vYAdnEOCQ",
    "client_secret": "<SANDBOX_ACCESS_TOKEN (AKA. CLIENT SECRET)>",
    "code": "sandbox-sq0cgb-yAF9ePy801ZNxWUlVdfA2A",
    "grant_type": "authorization_code"

I’ve also tested it here:
I get the same error.

If the client_secret = the sandbox access token from the Developers Dashboard > Credentials then I an 100% sure I have them correct. I’ve looked around at other posts and couldn’t find anything that solved my issue.

Can anyone help explain why I would be getting that authorization error?

The client_secret is different from the access token. You’ll get the secret from the OAuth section of the Developer Dashboard. For example:


Wow! That made me feel stupid. Brain fart I guess. Thanks it works.

Glad to hear it’s working as expected. :slightly_smiling_face: