I am working on integrating with the Infor OS ION API Enterprise Quoting system using Postman v11.39.2 to retrieve data from the Quote and OrderLine endpoints. I’m encountering two persistent issues: an unsupported_grant_type error when fetching an access token and a 401 Unauthorized error when making API calls. I’ve made some progress but need help resolving these errors.
Project Details
API: Infor OS ION API Enterprise Quoting
Environment: [REDACTED_TENANT] (a test tenant)
Postman Version: v11.39.2
Authentication: OAuth 2.0 (initially using client_credentials, but the API seems to require password grant type)
Endpoints:
Token URL: https://[REDACTED_SSO_DOMAIN]:443/[REDACTED_TENANT]/as/token.oauth2
API Base URL: https://[REDACTED_API_DOMAIN]/[REDACTED_TENANT]/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities
Target Endpoints: /Entities/Quote and /Entities/OrderLine
Issue 1: unsupported_grant_type Error
When I attempt to fetch an access token using the client_credentials grant type, I get the following error:
Request:
Method: POST
URL: https://[REDACTED_SSO_DOMAIN]:443/[REDACTED_TENANT]/as/token.oauth2
Grant Type: client_credentials
Authorization: Basic Auth with client_id and client_secret encoded in the header
Response:
{
  "error": "unsupported_grant_type",
  "error_description": "Unsupported grant type client_credentials. Expected one of password"
}
Environment Variables (from my Postman environment):
{
  "id": "[REDACTED_ENV_ID]",
  "name": "inforCPQ Copy",
  "values": [
    {
      "key": "tenant",
      "value": "[REDACTED_TENANT]",
      "type": "default",
      "enabled": true
    },
    {
      "key": "client_id",
      "value": "[REDACTED_CLIENT_ID]",
      "type": "default",
      "enabled": true
    },
    {
      "key": "client_secret",
      "value": "[REDACTED_CLIENT_SECRET]",
      "type": "default",
      "enabled": true
    },
    {
      "key": "token_url",
      "value": "https://[REDACTED_SSO_DOMAIN]:443/{{tenant}}/as/token.oauth2",
      "type": "default",
      "enabled": true
    },
    {
      "key": "api_base_url_new",
      "value": "https://[REDACTED_API_DOMAIN]/{{tenant}}/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities",
      "type": "default",
      "enabled": true
    }
  ]
}
The error suggests that the API expects the password grant type instead of client_credentials. However, I don’t have the username and password for the [REDACTED_TENANT] tenant yet (I’ve requested them from the API team). In earlier tests, client_credentials worked, so I’m unsure if the API configuration has changed.
Issue 2: 401 Unauthorized Error
When I make a GET request to the Quote endpoint using an existing token, I get a 401 Unauthorized error because the token has expired:
Request:
Method: GET
URL: https://[REDACTED_API_DOMAIN]/[REDACTED_TENANT]/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities/Quote
Response:
{
  "error": "Unauthorized"
}
Token Details:
iat: [REDACTED_TIMESTAMP] (a past timestamp)
exp: [REDACTED_TIMESTAMP] (a past timestamp, expired)
Request Time: [REDACTED_TIMESTAMP] (after token expiration)
The www-authenticate header confirms the token is invalid: Bearer realm="IONAPI", error="invalid_token".
OpenAPI Specification
Here’s the relevant part of the OpenAPI specification for the /Entities/{entityDefinitionName} endpoint I’m trying to access:
{
  "paths": {
    "/Entities/{entityDefinitionName}": {
      "get": {
        "summary": "Get a list of entity records",
        "parameters": [
          {
            "name": "entityDefinitionName",
            "in": "path",
            "description": "The name of the entity.",
            "required": true,
            "schema": {
              "type": "string"
            }
          }
        ],
        "responses": {
          "200": {
            "description": "Action was successful.",
            "content": {
              "application/json": {
                "schema": {
                  "type": "object",
                  "properties": {
                    "items": {
                      "description": "An array of the entity record objects returned by the query"
                    },
                    "totalItems": {
                      "description": "Total items returned by query"
                    }
                  }
                }
              }
            }
          },
          "401": {
            "description": "Unauthorized"
          },
          "403": {
            "description": "Not authorized to execute the action."
          },
          "404": {
            "description": "Entity record was not found."
          }
        }
      }
    }
  }
}
Steps I’ve Taken
Confirmed Endpoint: The /Entities/Quote and /Entities/OrderLine endpoints match the OpenAPI specification.
Updated Grant Type: I tried switching to the password grant type in Postman, but I’m waiting on the username and password from the API team.
Checked Token Expiration: The 401 Unauthorized error is due to an expired token, which I can’t refresh until I resolve the unsupported_grant_type issue.
Verified Environment: My Postman environment variables are resolving correctly (e.g., token_url and api_base_url_new).
Questions
- How can I resolve the unsupported_grant_type error? Should I insist on using client_credentials if it worked before, or is switching to password the correct approach?
- Once I get the username and password, how should I configure the password grant type in Postman to fetch a new token successfully?
- Are there any additional headers or parameters I might be missing for the /Entities/Quote and /Entities/OrderLine endpoints?
- If the entity name OrderLine is incorrect (e.g., I get a 404 Not Found after fixing authentication), how can I find the correct entity name for order lines in the Infor OS ION API?
Additional Context
I plan to automate this process in a Python script using the requests library once I get the API calls working in Postman.
I’ve already resolved a domain mismatch issue by updating the api_base_url_new variable to match the token’s audience.
Any help or suggestions would be appreciated! Thanks in advance.
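
Added example, not part of the original post: a Python illustration of the RFC 6749 password-grant token request and of the expiry and `invalid_token` checks described above, shaped for the planned `requests` script. It assumes the access token is a JWT carrying `iat`/`exp` claims and that client credentials are sent in a Basic header as in the Postman setup; the URL, credentials and sample token are constructed placeholders.

```python
import base64, json, re, time
from urllib.parse import urlencode

def password_grant_request(token_url, client_id, client_secret, username, password):
    """Build the RFC 6749 section 4.3 token request as kwargs for requests.post()."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return {
        "url": token_url,
        "headers": {"Authorization": f"Basic {basic}",
                    "Content-Type": "application/x-www-form-urlencoded"},
        "data": urlencode({"grant_type": "password",
                           "username": username, "password": password}),
        "timeout": 30,
    }

def jwt_claims(token):
    """Decode a JWT payload for diagnostics only; the signature is NOT verified."""
    segment = token.split(".")[1]
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def is_expired(token, now=None, skew=30):
    """True once exp, minus a clock-skew margin in seconds, has passed."""
    now = time.time() if now is None else now
    return now >= jwt_claims(token)["exp"] - skew

def bearer_challenge(header):
    """Parse a header like 'Bearer realm="IONAPI", error="invalid_token"' into a dict."""
    return dict(re.findall(r'(\w+)="([^"]*)"', header))

def should_refetch(status, www_authenticate):
    """A 401 whose challenge reports invalid_token calls for a new token, not a retry."""
    challenge = bearer_challenge(www_authenticate or "")
    return status == 401 and challenge.get("error") == "invalid_token"

def sample_jwt(iat, exp):
    """Constructed sample token (dummy signature), only for exercising the checks."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"iat": iat, "exp": exp}), "sig"])

if __name__ == "__main__":
    # Placeholder endpoint and credentials; load real values from a secret store.
    req = password_grant_request("https://sso.example.invalid/TENANT/as/token.oauth2",
                                 "CLIENT_ID", "CLIENT_SECRET", "USERNAME", "PASSWORD")
    print(req["data"])
    token = sample_jwt(1_700_000_000, 1_700_007_200)
    print(is_expired(token, now=1_700_010_000))
    print(should_refetch(401, 'Bearer realm="IONAPI", error="invalid_token"'))
```

The returned dictionary can be passed as `requests.post(**req)`; checking `is_expired` before each API call avoids sending a stale bearer token in the first place.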