Invalid grant_type parameter or parameter missing
Hello,
I read others posts, and tried on my side, without success. I need help.
I generate the code as requested, this first part is Ok.api.netatmo.com/oauth2/authorize?
client_id=<my app client id> &redirect_uri=[my redirect uri] &scope=[only the read_station for now] &state=teststate
Then I tried to get the access and refresh tokens using php, and it doesn't work. What am I doing wrong?
Of course I worked before the authentification modification method by netatmo in 2023.
Thanks @leslie for your greatly appreciated help
Phil
<?php
/*------------------------------------------------------------------------------*/
/* https://dev.netatmo.com/apidocumentation/oauth#authorization-code */
/*------------------------------------------------------------------------------*/
/*
POST /oauth2/token HTTP/1.1
Host: api.netatmo.com
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=authorization_code
client_id=[YOUR_APP_ID]
client_secret=[YOUR_CLIENT_SECRET]
code=[CODE_RECEIVED_FROM_USER]
redirect_uri=[YOUR_REDIRECT_URI]
scope=[SCOPE_SPACE_SEPARATED]
*/
$grant_type="autorization_code";
$client_id="6xxxxxxxxxxxxxxxc";
$client_secret="Ixxxxxxxxxxxxxxxxxxxxxx4";
$code="1xxxxxxxxxxxxxxxxxxe"; // obtained with the first part of authentication
// https://api.netatmo.com/oauth2/authorize?client_id=
$redirect_uri="http://localhost";
$scope="read_station";
$Content_Type="application/x-www-form-urlencoded;charset=UTF-8";
/*------------------------------------------------------------------------------*/
function get_token($grant_type,$client_id,$client_secret,$code,$scope,$redirect_uri,$Content_Type)
{
// Initiate curl session
$handle = curl_init();
$datas = array("grant_type"=>$grant_type,"client_id"=>$client_id,"client_secret"=>$client_secret,"code"=>$code,"scope"=>$scope,"redirect_uri"=>$redirect_uri,"Content-Type:" => $Content_Type
);
curl_setopt($handle, CURLOPT_POSTFIELDS, $datas);
curl_setopt_array($handle, array(
CURLOPT_URL => "https://api.netatmo.com/oauth2/token",
CURLOPT_POST => 1,
CURLOPT_POSTFIELDS => $datas,
CURLOPT_VERBOSE => true,
CURLOPT_RETURNTRANSFER => true
)
);
// Execute the session and store the contents in $result
$result=curl_exec($handle);
// Closing the session
curl_close($handle);
$array = json_decode($result, true);
var_dump($array);
return [$array['access_token'],$array['refresh_token'],$array['expires_in']];
}
/*------------------------------------------------------------------------------*/
/* Main Routine */
/*------------------------------------------------------------------------------*/
[$access_token, $refresh_token, $expire_token ] = get_token($grant_type,$client_id,$client_secret,$code,$scope,$redirect_uri,$Content_Type);
echo " atoken ".$access_token."\n rtoken ".$refresh_token."\n etoken ".$expire_token ;
?>
Comments
4 comments
Hello,
$grant_type="autorization_code"; <= there is a missing "h" in "authorization"
$datas = array("grant_type"=>$grant_type,"client_id"=>$client_id,"client_secret"=>$client_secret,"code"=>$code,"scope"=>$scope,"redirect_uri"=>$redirect_uri,"Content-Type:" => $Content_Type
); <= I can't confirm if it would work or no
I added a code snippet I generated, this one should work and seems easier :
Have a good day,
Leslie - Community Manager
Hello Leslie,
A huge thanks for your eye! The sun is now shinning
Of course you're right the letter h was missing.
I tested first with your code then with mine, both work correctly.
One last question about
redirect_uri parameter it is mandatory when using the code received so in the PHP scrpt, but it seems not mandatory for the first step : https://api.netatmo.com/oauth2/authorize?client_id=xxxx
* We are completely uploaded and fineas it is already on the form of the apps (https://dev.netatmo.com/apps)
To be clear when I write the uri_redirect on url authorize the code seems not valid and got "invalid grant' , when I do not write the uri_redirect on url authorize the code works like as a charm.
It is correct?
Thanks again / have a nice day
Phil
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 13 Jan 2025 12:17:31 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: no-store
< X-XSS-Protection: 1; mode=block
< Access-Control-Allow-Origin: *
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Powered-By: Netatmo
<
* Connection #0 to host api.netatmo.com left intact
array(5) {
["access_token"]=>
string(57) "5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5"
["refresh_token"]=>
string(57) "5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx8"
["expires_in"]=>
int(10800)
["expire_in"]=>
int(10800)
["scope"]=>
array(1) {
[0]=>
string(12) "read_station"
}
}
Hello Phil,
Indeed, the redirect_uri parameter will only be mandatory in the first /token request (the one where "code" parameter is asked)
It's not mandatory to set a redirect_uri in your app's parameters on dev.netatmo. But if you do it, it must exactly match the one you ask in your /token request (don't forget last "/" characters for example)
Have a good day,
Leslie - Community Manager
Hello Leslie,
Understood
Thanks for your time.
best regards / Phil
Please sign in to leave a comment.