Issue
I am trying to mimic the following cURL request using ColdFusion CFHTTP
curl -u myCl13nt1D:my53cR3tK3Y -X POST --data "grant_type=password&username=x&password=y" https://www.sitename.net/token
<cfhttp url="https://www.sitename.net/token" method="post" username="x" password="y">
<cfhttpparam type="url" name="client_id" value="myCl13nt1D" />
<cfhttpparam type="url" name="client_secret" value="my53cR3tK3Y" />
<!--- attempt 1 - without using cfhttp username/password attributes
<cfhttpparam type="formfield" name="grant_type" value="password" />
<cfhttpparam type="formfield" name="username" value="x" />
<cfhttpparam type="formfield" name="password" value="y" />
--->
<!--- attempt 2 - without using cfhttp username/password attributes
<cfhttpparam type="formField" name="data" value="grant_type=password&username=x&password=y" />
--->
<!--- attempt 3 - using cfhttp username/password attributes --->
<cfhttpparam type="formField" name="data" value="grant_type=password" />
</cfhttp>
In command prompt, cURL request works returing expected result but using CFHTTP I get the following error (status code 401 Unauthorized )
{"error":"unauthorized_client","error_description":"That application is not registred or blocked"}
I've attempted different ways to pass the required parameters but they all return the same error.
Solution
-u myCl13nt1D:my53cR3tK3Y is BasicAuth and split as username/password attributes in cfhttp. Try this instead:
<cfhttp url="https://www.sitename.net/token" method="post" username="myCl13nt1D" password="my53cR3tK3Y">
<cfhttpparam type="formfield" name="grant_type" value="password" />
<cfhttpparam type="formfield" name="username" value="x" />
<cfhttpparam type="formfield" name="password" value="y" />
</cfhttp>
Looking at this request, you are authenticated using BasicAuth, and authorized with the endpoint's username/password login mechanism, most likely OAuth2.
Answered By - Alex Answer Checked By - Marie Seifert (WPSolving Admin)