Info Resource API Client Credential Oauth2 Bearer OAUTH2_TOKEN

Hello,

What is the logic of the magic string Bearer OAUTH2_TOKEN? I'm trying to connect to a 3rd party service and it is not working. I get an error:

{"data":null,"error":{"statusCode":400,"error":"Bad Request","message":"{\"status\":\"error\",\"message\":\"Unable to decode token\",\"code\":802,\"result\":802}","data":{"status":"error","message":"Unable to decode token","code":802,"result":802},"metadata":{"request":{"url":"**redacted**","method":"GET","body":null,"headers":{"User-Agent":"Retool/2.0 (+https://docs.tryretool.com/docs/apis)","Authorization":"---sanitized---","X-Retool-Forwarded-For":"::ffff:127.0.0.6"}},"headers":{"content-type":["application/json"],"content-length":["77"],"connection":["keep-alive"],"date":["Mon, 14 Jul 2025 12:11:27 GMT"],"server":["**redacted**"],"x-cache":["Error from cloudfront"],status":401,"statusText":"Unauthorized"},"authenticationStatus":"UNAUTHENTICATED"}}

I have an API service to call which is supposed to be based on OAuth2 Client Credentials. I notice that the auth process response content is similar to:

{
"accessToken":"redacted",
"tokenType":"Bearer",
"expiresIn":1440
}

where the access token is returned in a field named accessToken.

I noticed that with a similar auth process towards Okta, the content is returned in a field named access_token and it works.

Not sure if this info is relevant, but it looks like they are not compliant with RFC 6749 - The OAuth 2.0 Authorization Framework, the specs of OAuth2.
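
As an added example (not part of the original post and not Retool's own code): a JavaScript check that compares a token endpoint response against the field names RFC 6749 section 5.1 defines (access_token, token_type, expires_in) and maps the camelCase variants quoted above onto them before building the Authorization header. The function names and the sample token value are assumptions made for illustration.

```javascript
// Field names defined by RFC 6749 section 5.1, mapped to the camelCase
// variants seen in the response quoted in the post above.
const RFC6749_FIELDS = {
  access_token: "accessToken",
  token_type: "tokenType",
  expires_in: "expiresIn",
};

// Returns { token, nonCompliant }: token uses the RFC 6749 names and
// nonCompliant lists the fields that arrived only in camelCase.
function normalizeTokenResponse(body) {
  const token = {};
  const nonCompliant = [];
  for (const [standard, camel] of Object.entries(RFC6749_FIELDS)) {
    if (body[standard] !== undefined) {
      token[standard] = body[standard];
    } else if (body[camel] !== undefined) {
      token[standard] = body[camel];
      nonCompliant.push(camel);
    }
  }
  // access_token and token_type are REQUIRED; expires_in is only RECOMMENDED.
  if (typeof token.access_token !== "string" || token.access_token === "") {
    throw new Error("token response has no access_token (or accessToken)");
  }
  if (typeof token.token_type !== "string") {
    throw new Error("token response has no token_type (or tokenType)");
  }
  return { token, nonCompliant };
}

// Builds the Authorization header value. token_type is case insensitive;
// only the Bearer scheme (RFC 6750) is handled here.
function authorizationHeader(token) {
  if (token.token_type.toLowerCase() !== "bearer") {
    throw new Error(`unsupported token_type: ${token.token_type}`);
  }
  return `Bearer ${token.access_token}`;
}

// Constructed sample mirroring the shape in the post; the token is a placeholder.
const sample = { accessToken: "PLACEHOLDER_TOKEN", tokenType: "Bearer", expiresIn: 1440 };
const normalized = normalizeTokenResponse(sample);
console.log(normalized.nonCompliant, authorizationHeader(normalized.token));
```

A client that reads only access_token from such a response finds no token at all, so logging nonCompliant makes the mismatch visible before any request is sent with an empty or placeholder bearer value.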

Hi @dda,

Can you share some screenshots of how you have all your auth setup for the resource that you are connecting to this 3rd party service with?

Is the gist of your question, can you re-use the value in the magic string Bearer OAUTH2_TOKEN that you got from your SSO flow to auth into your app to auth into a resource?

Hi @dda,

Just wanted to double check on your post to clarify what your question is :sweat_smile:

For that error message, the 3rd party service shouldn't need to do any decoding. Can you share a screenshot of how you have auth set up and where you are putting Bearer OAUTH2_TOKEN? Is it in the head of the request?