Access Token Request - unauthorized error

[aa and]

I am now receiving an unauthorized error when attempting to retrieve an access token in our dev environment. The error being reported is "invalid_client". i'm using the client ID/secret from a registered system account we have for our dev environment.

Here is a correlation ID from the error uri: 

Correlation ID: bf55fe21-ae5c-4c08-9f85-338c0cd609d9

endpoint: https://authorization.sandboxcerner.com/tenants/b9a824e6-d862-4d14-abee-ca0268daa296/protocols/oauth2/profiles/smart-v1/token

grant_type: client_credentials

scope: system/AllergyIntolerance.read system/Appointment.read system/Condition.read system/DiagnosticReport.read system/Encounter.read system/Immunization.read system/MedicationOrder.read system/MedicationStatement.read system/Observation.read system/Patient.read system/Patient.write system/Person.read system/Practitioner.read system/Procedure.read system/RelatedPerson.read system/Schedule.read system/Slot.read system/AllergyIntolerance.write system/Appointment.write system/Condition.write system/MedicationStatement.write

also added the following headers:

Authorization: (not sure how to share this value as it contains encoded client ID and secret from system account)

Accept: application/json

I believe i've added everything necessary as per these docs: https://fhir.cerner.com/authorization/#requesting-authorization-on-behalf-of-a-system

i have a client ID and secret that i have retrieved from the system account that are base64 encoded to be used for authorization. but not sure what the best way it to share that. 

[Aaron McGinn (Cerner)]

Indeed, you should not share your Authorization token or secret.

Since you are using a non-production domain and hitting the authorization.sandboxcerner.com server, you should also be using your system account in the SandboxCernerCentral [1]. Note that even if the account IDs are the same between Sandbox and Production, the secrets will be unique.

[1] https://sandboxcernercentral.com/system-accounts/

-Aaron (Cerner)

[aa and]

our old developer left and i wasn't left with any info on our sandboxcerner accounts or the non sandbox accounts... i'll see if i can find info on the sandbox accounts and get access. thank you!