🔧 API Debug Demo - OAuth2 Token Test

Tested at: 2026-04-10 19:21:40 UTC

📋 Test Configuration

API Endpoint: https://cpservm.com/gateway/token
Method: POST
Content-Type: application/x-www-form-urlencoded
Documentation: OAuth2 Client Credentials Flow

🔑 Test 1: Current Production Credentials

Client ID: partners-9bda431041c27cb15ff617d999963880
Client Secret: ad2k79moKjuDn*6Op94e...

Test A: Bez grant_type

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.629s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-9bda431041c27cb15ff617d999963880&client_secret=ad2k79moKjuDn%2A6Op94eVCtQpw7jzCDoq%40KT8SPuPLOnTW9TI1v6OPjn%25DqTUx1g

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:41 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

Test B: S grant_type=client_credentials

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.629s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-9bda431041c27cb15ff617d999963880&client_secret=ad2k79moKjuDn%2A6Op94eVCtQpw7jzCDoq%40KT8SPuPLOnTW9TI1v6OPjn%25DqTUx1g&grant_type=client_credentials

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:41 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

🔑 Test 2: Latest Credentials Test

Client ID: partners-9bda431041c27cb15ff617d999963880
Client Secret: JOjEnJw6j&iHH4aL44LS...

Test A: Bez grant_type

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.634s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-9bda431041c27cb15ff617d999963880&client_secret=JOjEnJw6j%26iHH4aL44LS%40%26894jFu%25nWQs3O%21vIzx%26%26rAsPq%2123U81%23BQr0XiNyr

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:42 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

Test B: S grant_type=client_credentials

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.634s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-9bda431041c27cb15ff617d999963880&client_secret=JOjEnJw6j%26iHH4aL44LS%40%26894jFu%25nWQs3O%21vIzx%26%26rAsPq%2123U81%23BQr0XiNyr&grant_type=client_credentials

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:43 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

🔑 Test 3: New Credentials Set 2

Client ID: partners-90339991e95db588ebacf4410e902d9b
Client Secret: lfhIJJ#hpDA3wNCsCgTb...

Test A: Bez grant_type

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.611s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-90339991e95db588ebacf4410e902d9b&client_secret=lfhIJJ%23hpDA3wNCsCgTbXEhbCcYa4%23l6%26jTHFW4%266I5HRsDjJ%26BvU%25m%23woOGN

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:43 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

Test B: S grant_type=client_credentials

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.607s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=partners-90339991e95db588ebacf4410e902d9b&client_secret=lfhIJJ%23hpDA3wNCsCgTbXEhbCcYa4%23l6%26jTHFW4%266I5HRsDjJ%26BvU%25m%23woOGN&grant_type=client_credentials

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:44 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

🔑 Test 4: Documentation Example

Client ID: test
Client Secret: fDIRK7NDWoRY61MPYovi...

Test A: Bez grant_type

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.608s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=test&client_secret=fDIRK7NDWoRY61MPYoviXrF%24J7b7GKHmfd%40%23v0znvkPtUl9O

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:45 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

Test B: S grant_type=client_credentials

HTTP Status: 400
Content-Type: text/plain; charset=utf-8
Response Time: 0.612s
Effective URL: https://cpservm.com/gateway/token

POST Data Sent:

client_id=test&client_secret=fDIRK7NDWoRY61MPYoviXrF%24J7b7GKHmfd%40%23v0znvkPtUl9O&grant_type=client_credentials

Response Headers:

HTTP/2 400 
server: Angie
date: Fri, 10 Apr 2026 19:21:45 GMT
content-type: text/plain; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload

Response Body:

{"error":"invalid_client"}

❌ FAILED! HTTP 400

📝 Summary for API Developers

Issue: All tested credentials return {"error":"invalid_client"}

Implementation: Following OAuth2 Client Credentials flow exactly as documented

Request needed: Working client_id and client_secret for production environment

Contact: Please verify which credentials should be used and check server-side logs

🔗 Share this URL

Send this URL to API developers:


                https://jirka3.claudev.cz/api_debug_demo.php