Hello STRATTFORT
The "invalid client secret" error typically occurs if the secret is invalid, expired, or has a special character in it.
There are couple of solutions:
Client Secret Format:
- Ensure that you’re passing the client_secret correctly. It should be used in a web app or web API, not in a native app. Native apps may have difficulty reliably storing client secrets on devices1.
- Make sure you’re using the actual client secret value, not the client secret ID.
Check Encoding:
- Avoid encoding the secret; provide it as-is. Encoding might cause issues, especially if there are special characters involved.
Plus Sign Issue:
- If your client secret contains a “+” (plus sign), regenerate it until you get a secret without the plus sign. Some systems might interpret the plus sign differently2.
- Try to encode your secret ( e.g. replace
+
by%2B
,=
by%3D
etc)