API authentication issue

Hello,

I’m having a bit of an issue trying to use the REST API for authentication.

Some context : I’m developing a web based client to allow players to play some go variants (unicolor, ghost, blindfolded)

The issue :
Using postman, everything works as expected : i’m getting the following response, with a 200 HTTP code:

{
    "access_token": "some_string",
    "expires_in": 36000,
    "token_type": "Bearer",
    "scope": "read write groups",
    "refresh_token": "some_string"
}

But, from my machine, using the Postman client code generator (I tried, JS, Python and cURL), I get an HTTP 400 code along with the following error message:
{"error": "unsupported_grant_type"}

My guess is that for some reason my computer is not trusted by the OGS server, as opposed to the Postman servers, or that there is some underlying CORS issue.

Some clues on what might be happening and/or how I could solve the issue would be greatly appreciated.

Thanks !

I’ve had issues trying to use bearer tokens before and never gotten them to work. That said, using the password grant type does work and takes the following data

{
  "username": "<your_name>",
  "password": "<your_password>",
  "client_id": "<id_from_api_account>",
  "client_secret": "<secret_from_above_account>",
  "grant_type": "password"
}

If you want to see example source code, here is a project I wrote that uses the REST API and specifically the authorization method Rengo-Bot/rest.py at main · dylanross620/Rengo-Bot · GitHub

2 Likes