322402: Invalid credentials

This error occurs when the Token API rejects the credentials in a token generation request for an OAuth app. To generate an access token, send the OAuth app's client_id and client_secret in the request body and set grant_type to client_credentials.

• The client_id or client_secret in the request is incorrect, or the values do not belong to the same OAuth app.
• The request is using a secret that was rotated and is no longer active. After you rotate a secret, the previous secret remains valid for 24 hours before becoming inactive.
• The request was built with the wrong OAuth credentials for the app you intended to use. Twilio generates a Client ID and Client Secret for each OAuth app and uses those credentials to request an access token.

• Copy the current Client ID and Client Secret from the OAuth app in Console and send them as client_id and client_secret in the Token API request.
• Set grant_type to client_credentials and submit the request as application/x-www-form-urlencoded.
• If you recently rotated the secret, update your application to use the new secret. If more than 24 hours have passed since the rotation, stop using the previous secret.
• If the credentials still fail, open the OAuth app in Console and verify that you are using the correct app before generating a new token.

• OAuth Token API
• OAuth apps