user25730 user25730 - 1 year ago 75
JSON Question

JSON always returning "client_id not specified"

I'm trying to get a token from the ArcGIS Online service using a Javascript. However, it's always returning an error which indicates the client_id isn't specified.

Am I doing everything right here?

<script type="text/javascript">
var MyJSONText = '{"client_id":"<<MY_CLIENT_ID>>","client_secret":"<<MY_CLIENT_SECRET>>","grant_type":"client_credentials","expiration":"1440","f":"json"}';
var MyJSON = JSON.parse(MyJSONText);
xhr = new XMLHttpRequest();"POST", "");
xhr.onreadystatechange = function ()
if (xhr.readyState == 4 && xhr.status == 200)


Edit - full error is:

{"error":{"code":400,"error":"invalid_request","error_description":"client_id not specified","message":"client_id not specified","details":[]}}

Answer Source

I was able to retrieve an access token using application/x-www-form-urlencoded request:

User-Agent: Fiddler
Content-Type: application/x-www-form-urlencoded
Content-Length: 126

client_id=<YOUR ID>&client_secret=<YOUR SECRET>&grant_type=client_credentials&expiration=1440&f=json

which means that you might need to specify the Content-Type request header when making the XHR request:

xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');

and of course properly formatting the body as application/x-www-form-urlencoded instead of JSON. In my tests this endpoint didn't work with JSON payload.

Unfortunately from what it looks, the token endpoint doesn't support setting the Content-Type request header in its CORS policy which means that you might be out of luck in calling it with javascript. Besides their documentation doesn't mention anything about javascript as a supported language.

So basically if you want to make this work you could get the access token on your server side and pass it along to the client.