Problem with authentication token fetch indeed API

Question

I'm trying to get access token from indeed API developers: https://developer.indeed.com/docs/authorization/2-legged-oauth

But after creating fetch like this:

fetch(`https://apis.indeed.com/oauth/v2/tokens`, {
        method: 'POST',
        mode: 'no-cors',
        headers: {
            'Content-Type' : 'application/x-www-form-urlencoded',
            'Accept':'application/json'
        },
        body: JSON.stringify({client_id:'10efaf31aee65fb0b3dfe149c1e7c902c6c909bd02b1bec27c0a1ba1ae600bd4',client_secret:'Mtabdk9KbUulH9WQSvK5dvm3FTDWRflWJXjpcHiqNn4KozUBXRfBMA02MnTl01uK',grant_type:'client_credentials', scope:'employer_access'})
    })
    .then(response => {
        console.log(response);
    })
    .catch(error => {
        console.log(error);
    })

But it's always 400 BadRequest and response is:

Response {type: 'opaque', url: '', redirected: false, status: 0, ok: false, …}

API seems working tested by postman, is there any problem with my fetch?

Your header doesn't match the actual content, the Content-Type claims it will be form data but you're sending JSON. Also you now need to rotate the credentials you just shared publicly. — jonrsharpe, Oct 17 '21 at 07:46
This is not how you send urlencoded form params. See here https://stackoverflow.com/questions/35325370/how-do-i-post-a-x-www-form-urlencoded-request-using-fetch — Rani Sharim, Oct 17 '21 at 07:47

score 0 · Accepted Answer · answered Oct 17 '21 at 07:59

you should use

var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");

var urlencoded = new URLSearchParams();
urlencoded.append("grant_type", "client_credentials");
urlencoded.append("client_id", 
"10efaf31aee65fb0b3dfe149c1e7c902c6c909bd02b1bec27c0a1ba1ae600bd4");
urlencoded.append("client_secret", 
"Mtabdk9KbUulH9WQSvK5dvm3FTDWRflWJXjpcHiqNn4KozUBXRfBMA02MnTl01uK");

var requestOptions = {
method: 'POST',
headers: myHeaders,
body: urlencoded,
redirect: 'follow'
};

fetch("https://apis.indeed.com/oauth/v2/tokens?", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));

(index):40 POST https://apis.indeed.com/oauth/v2/tokens? net::ERR_ABORTED 400 (Bad Request) after adding to requestOptions mode: 'no-cors' . Anyway thanks, I will try to find what's wrong with it anyway :/ — Piotr Ciebień, Oct 17 '21 at 08:07

Problem with authentication token fetch indeed API

1 Answers1