Bad Request 400 when requesting Reddit OAuth2 token

Question

I am trying to use reddit api to send private message on behalf of the user. But I am not being able to complete the Oauth2 authorization to get an access token.

I am following the guide here: https://github.com/reddit-archive/reddit/wiki/OAuth2

I have created a reddit developer app and I am following the code flow steps. After getting the code from the authorization endpoint, I make the following request to exchange the code for an access token.

curl --location --request POST 'https://www.reddit.com/api/v1/access_token' \
--header 'User-Agent: *******' \
--header 'Authorization: Basic *******' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=*******' \
--data-urlencode 'redirect_uri=http://localhost:1410/'

But instead of the access token, I get the following error:

{
    "message": "Bad Request",
    "error": 400
}

Any ideas what I am doing wrong?

I would guess that your Auth header is correct, otherwise you'd be seeing a 401 instead of a 400. I would also guess that the redirect_uri is correct/acceptable because you passed the authorization step without error. Some things I would try are: removing the User-Agent header and not urlencoding the parameters. Really, those are just guesses. I found nothing in that guide that indicates you are doing anything wrong and no documentation for what a 400 response means here other than the general understanding of that http status code. — Jason S., Sep 14 '22 at 13:39

score 1 · Accepted Answer · answered Feb 08 '23 at 08:40

1

It has been a few months since the question was posted. I was finally able to solve it.

Here is what I was doing wrong.

After the user logs in and gives the app the necessary permission, you are redirected to a URL that contains the code parameter. I noticed that the codes have #_ at the end. I just removed the trailing #_ and made the same request in my original question and it worked.

answered Feb 08 '23 at 08:40

Wahiduzzaman Khan

155
8

This should have been mentioned in the official GitHub [documentation](https://github.com/reddit-archive/reddit/wiki/OAuth2#retrieving-the-access-token), but unfortunately it's been archived since 2017. – Meghajit Mar 24 '23 at 14:22

score 0 · Answer 2 · answered Sep 30 '22 at 09:41

'I had the same issue. Turns out I selected application type as 'Script' in my app setting while I was following the Authorization steps for a different App Type(web) Follow this one for Script: https://github.com/reddit-archive/reddit/wiki/OAuth2-Quick-Start-Example

Bad Request 400 when requesting Reddit OAuth2 token

2 Answers2