2 Replies Latest reply on Jun 23, 2016 1:24 PM by e7a7d3847f3275575c7833cc178295551fa2067f

    Authentication - API inconsistent behavior ( wrong credentials accepted generating invalid token)

      Hi everyone, here the issue we're hitting.

       

      We have 2 sandbox

      Each of them has (by design)  different endpoints and different credentials to authenticate as described on http://developers.marketo.com/documentation/rest/authentication/

       

      If we use the the endpoing of the sandbox A but the client id and secret of the sandbox 2 the token request succeed but the token is invalid

       

       

      // TOKEN REQUEST 
      https://ABC.mktorest.com/identity/oauth/token?grant_type=client_credentials&client_id=********&client_secret=********
      // RESPONSE
      {     access_token: "81e05494-a776-42c0-935f-65b1d798b04d:ab",     token_type: "bearer",     expires_in: 2961,     scope: "***" }
      ----------------------------------------
      // REQUEST
      https://ABC.mktorest.com/rest/v1/activities/types.json?access_token=81e05494-a776-42c0-935f-65b1d798b04d:ab

      // RESPONSE
      {     requestId: "*****",     success: false,     errors: [         {             code: "603",             message: "Access denied"         }     ] }