Getting "invalid_client" while first time calling API

Skip to first unread message


Jul 23, 2019, 4:27:11 PM7/23/19
to FatSecret Platform API
Hi ,

I have been trying to call the very first API after I received, ID and Key and I get this "invalid_client" error
Here is my curl request

curl -u CUSTOMER_ID:CUSTOMER_SECRET -d "grant_type=client_credentials&scope=basic" -X POST 


I would really appreciate if anyone has seen this and help me resolve. It seems like the server is missing a configuration to validate me as a client with the given credentials! Whom should I connect with?


Abdulmalik Wada

Aug 10, 2022, 5:33:40 AMAug 10
to FatSecret Platform API
Hello, Please were you able to solve this? If yes, can you walk me through it? currently struggling with this. 


Aug 10, 2022, 5:35:28 AMAug 10
to FatSecret Platform API
Hi guys,

Please find attached a few screenshots from Postman in particular regarding Authorization.

Kind regards,
The FatSecret Platform API Team


Kevin Nguyen

Nov 22, 2022, 10:30:22 AM (9 days ago) Nov 22
to FatSecret Platform API
I'm able to get it working with Request API on JS, it looks like this:

Screenshot 2022-11-22 084748.png

I would say you need the content-type in the header set like mine. Hopefully this helps you a bit even if it's a bit late.

Nov 22, 2022, 10:34:04 AM (9 days ago) Nov 22
to FatSecret Platform API
Dear all,

Further to the IP related questions:

To better secure OAuth 2.0 we implemented IP Restrictions.
This restrictions 'white list' IP Addresses for a given client Key/Secret.

We block requests to FatSecret API for a Key/Secret if the source IP is not white listed.Before releasing IP ranges we allowed only 15 specific IP addressesThe new 'ranges' allows users to white list up to 15 ranges of IP addresses.

Example: => is a range that allows any IPV4

For Mobile apps we would recommend using an API proxy server to avoid Mobile Apps communicating directly with FatSecret APIs.

This proxy should be responsible for:

-          Manage the validity / renewal of your OAuth 2.0 access tokens
-          Forward any FatSecret related requests to FatSecret APIs
We would like to ask you to avoid having your client’s credentials part of your Mobile App source code / configuration.

Kind regards,
The FatSecret Platform API Team

Reply all
Reply to author
0 new messages