Oauth using particle:particle with a legacy account

JSchrempp · October 28, 2025, 11:28pm

Hi,

We could use some advice on the Authorization process for using the API. We would like to find a process that works with both older "legacy" accounts and with new Particle accounts.

What works:

Create a new account. Get a token with client ID / client secret of particle:particle

curl ``https://api.particle.io/oauth/token``
-u particle:particle
-d grant_type=password
-d "``username=newaccount@ourdomain.com``"
-d "password=<yourpasswordhere>"

{"token_type":"bearer","access_token":"ffffffff897cc2b320002ddd50000c86145346a8","expires_in":7776000,"refresh_token":"ffffffffa6d1ddd00015b0e95670000d18d2b53a"}

What fails:

Using the same technique on a legacy account fails.

curl ``https://api.particle.io/oauth/token``
-u particle:particle
-d grant_type=password
-d "``username=legacyaccount@ourdomain.com``"
-d "password=<yourpasswordhere>"

{"error":"invalid_grant","error_description":"User credentials are invalid"}

Is there a way to obtain an access token without having to create a client ID / client secret in a legacy account?

rickkas7 · October 29, 2025, 8:40am

That should work. What I use is slightly different and is at least worth a try to see if it makes a difference for you:

postData = {
  'client_id': 'particle',
  'client_secret': 'particle',
  'expires_in': localTokenLength,
  'grant_type': 'password',
  'password': $(passwordInputElem).val(),
  'username': $(usernameInputElem).val()
};

Instead of using basic auth (-u), put the client_id and client_secret in the POST body
Try using JSON encoding for the POST body instead of URL form encoding

JSchrempp · November 25, 2025, 7:32pm

Thanks for the idea. We tried it and it works for one legacy account, but not for another. So, no difference. I’m going to contact Particle Support for advice on this so I can share my username/password.

JSchrempp · November 25, 2025, 11:17pm

@Support In this thread I described a problem with obtaining an authorization token for an older account. I have a CURL command that works when I use a new account. My buddy and I each have older personal accounts and the same command works with them. However, our organization has an older account and the CURL command does not work with that one account. It leads us to think that there is something different about that one account. I assume that to troubleshoot this I will have to share our account information. Would someone contact me to help? Thanks.

Topic		Replies	Views
OAuth failed from my server Cloud	7	1336	April 5, 2019
Change to Particle cloud REST interface? Cloud	10	663	February 20, 2021
Basic Ionic 4 Angular 6 WebApp Photon Developer Login Troubleshooting	4	1780	August 26, 2018
Error: "The access token provided is invalid" Connectivity	5	174	February 13, 2025
Design question: User/password/access token/OAuth client handling? Cloud	9	3123	February 15, 2016

Oauth using particle:particle with a legacy account

Related topics