Symptom
For the OAuth Token call using url: https://<apisalesdemo.successfactors.com>/oauth/token, getting below error message-
"errorHttpCode": "401",
"errorMessage": "Unable to authenticate the client (Login failed - invalid user)"
Environment
- SAP Successfactors HXM Suite
- OData API
- OAuth 2.0
Resolution
You should always use a VALID userId (rather than username) in your OAuth token request to avoid the 401 error message.
If you wish to use the user name or user e-mail instead of the userId to authenticate the call, please include the use_email = true or use_username = true parameter in the SAML assertion generation request payload. You may refer to Generating a SAML Assertion for more information.
NOTE: If you're passing the userId (not user name nor e-mail) and the userId is in e-mail format (user.example@domain.com), the authentication will fail. OAuth does not accept an userId in this format unless the 'use_email=true' parameter is used.
Keywords
OAuth Authentication, Unable to authenticate the client (Login failed - invalid user), OAuth, Invalid user , KBA , LOD-SF-INT-ODATA , OData API Framework , LOD-SF-INT , Integrations , Problem