Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

graememullins's avatar

Issues with getting data from an api

Hi,

I'm working on an app, which needs to get data from a 3rd party API and save it, I had it all working, however I then needed to give the app it's own api endpoints, with a middleware route.

The first function now doesn't work, I edited some bits in the kernal and middleware authentication, I've removed these changes, however I still get the error: "code": "401-001-0001", "description":"The client credentials are missing or invalid."

This is relation to the private function, which takes in the 3rrd party provided client id, and serect id to generate a token.

private function getAccessToken()
{
    $tokenEndpoint = 'https://api.PROVIDER.co.uk/oauth2/v1/token';
    $clientId = env('CLIENT_ID');
    $secretId = env('SECRET_ID');

    $response = Http::withOptions([
        'verify' => false,
    ])->asForm()->withHeaders([
        'Authorization' => 'Basic ' . base64_encode($clientId . ':' . $secretId),
    ])->post($tokenEndpoint, [
        'grant_type' => 'client_credentials',
    ]);

    if ($response->successful()) {
        $accessToken = $response->json()['access_token'];
        return $accessToken;
    } else {
        // Request failed, handle the error
        $errorMessage = $response->body();
        throw new Exception($errorMessage);
    }
}

I'm at a loss as to why this is now causing the error, I've tested the 3rd party endpoint in postman, and it works fine, so it's an issue with the Laravel app, I've clearly edited or removed something it needed to call the basic auth.

The error is pointing to line 36; throw new Exception($errorMessage);

Graeme

0 likes
5 replies
LaryAI's avatar
LaryAI
AI
2 years ago
Level 58

The error "The client credentials are missing or invalid" suggests that there is an issue with the client credentials being used to authenticate with the API. Here are a few steps you can take to troubleshoot and resolve the issue:

  1. Verify that the CLIENT_ID and SECRET_ID environment variables are correctly set in your Laravel application's .env file. Make sure they match the credentials provided by the 3rd party API.

  2. Check if the env() function is returning the correct values for CLIENT_ID and SECRET_ID. You can do this by temporarily adding a dd($clientId, $secretId); statement before the $response = Http::withOptions(...) line in the getAccessToken() function. This will dump the values of the variables to the screen. Ensure that the values are not empty and are correct.

  3. Ensure that the Http facade is imported at the top of your file. Add use Illuminate\Support\Facades\Http; at the top of the file if it's not already there.

  4. Check if the API endpoint ($tokenEndpoint) is correct and accessible. You can test this by making a request to the endpoint using a tool like cURL or Postman. Ensure that the endpoint is reachable and returns the expected response.

  5. Verify that the API requires the Authorization header to be sent as Basic authentication. If the API documentation specifies a different authentication method, make sure to adjust the code accordingly.

  6. If the API endpoint requires SSL verification, remove the 'verify' => false option from the Http::withOptions() call. Leaving it as false disables SSL verification, which may cause issues if the API requires it.

  7. If none of the above steps resolve the issue, consider reaching out to the API provider for further assistance. They may be able to provide additional insights or troubleshoot the issue from their end.

Here's an updated version of the getAccessToken() function with some modifications for troubleshooting:

private function getAccessToken()
{
    $tokenEndpoint = 'https://api.PROVIDER.co.uk/oauth2/v1/token';
    $clientId = env('CLIENT_ID');
    $secretId = env('SECRET_ID');

    dd($clientId, $secretId); // Check if the values are correct

    $response = Http::withHeaders([
        'Authorization' => 'Basic ' . base64_encode($clientId . ':' . $secretId),
    ])->post($tokenEndpoint, [
        'grant_type' => 'client_credentials',
    ]);

    // Rest of the code...
}

By following these steps and making the necessary adjustments, you should be able to resolve the issue with getting data from the API.

graememullins's avatar

It's not an issue with the 3rd party api, something's changed in the Laravel app.

Snapey's avatar

run. php artisan config:clear

Then change your code to get the credentials from a config file

Please or to participate in this conversation.