Where to change client_id and client_secret

Question

I am a freelance software developer trying to send data to the sugarCRM endpoint of a client. This is my first time interacting with sugarCRM and it is not the principal focus of my project for the company-client, so I really just need it to work.

In order to authenticate, I am doing this:

curl -X POST -H Cache-Control:no-cache -d '{   "grant_type":"password",  "client_id":"sugar",  "client_secret":"",  "username”:"<username>",  "password”:"<password>",  "platform":"base" }' https://<companyname>.sugarondemand.com/rest/v10/oauth2/token

The answer is then:

Bad data passed in; <a href="https://<companyname>.sugarondemand.com">Return to Home</a>

My client has assigned a non-technical person to do all the sugarCRM setup and that person can not really help. I know the "username" and the "password" are correct, as well as the "grant_type", my only worries are the "client_id", the "client_secret" and the "platform". Where do I set these variables in the sugarCRM interface?

This is all I get when I enter "Settings -> Client OAuth":

To make matters worse, my client's sugar is in Spanish, which I fluently speak, but I have no idea how the sugarCRM translator decided to translate "client_secret" and "client_id" to Spanish and I don't know which ones are their values. Also, values for "platform" are "base", "mobile" and "portal". Which on is for which uses? Whichever I use, I keep getting the same error.

Any help will be greatly appreciated.

Thanks

Luisa Castano · Accepted Answer

Hi Luisa, Matt's response has the answer for your issue but not, I think, the exact cause. I too get that Bad Data error when using curl on the bash CLI (from Ubuntu) if I forget to explicitly state the content type. So in Matt's answer, I believe including the -H 'Content-Type: application/json' section is what is making the call work rather than fixing any non-conforming characters. That is what I have found anyway. Took me ages to work it out the first time I was hit with it. I still get it cropping up from time to time when I lazily copy-and-paste bash commands from a previous piece of work without realising I have not used the correct one Good luck with your integrations with Sugar. If you get stuck again at all you'll find the community in here very helpful generally. Thanks, JH.

client_id	String	The client_id of "sugar" will automatically create an OAuth Key in the system and can be used for "password" authentication. The client_id of "support_portal" will create an OAuth Key if the portal system is enabled and will allow for portal authentication. Other client_id's can be created by the administrator in the OAuthKeys section in the Administration section and can be used in the future for additional grant types, if the client secret is filled in, it will be checked to validate use of the client id.
client_secret	String	The client's secret key