Discussions
Become a Partner

Discussions

Ask a Question
Back to All

Requesting an Authentication Token results in a 403 for newly created API credentials

10 months ago by Erik Wittern

Hi,

Since yesterday, we observe that we can longer obtain an auth token via the https://api.personio.de/v1/auth endpoint for newly created credentials (client_id + client_secret). I.e., our integration with the Personio API that had been working for months now does no longer work when customers attempt to setup a new integration. In contrast, existing integrations based on previously created credentials continue to work.

We can reproduce the error: when we create new API credentials, sending them (client_id and client_secret) to https://api.personio.de/v1/auth results in a 403.

The response, in addition to the 403 status code, contains the following body:

{
  "success": false,
  "error": {
    "code": 0,
    "message": "Wrong credentials"
  }
}

We observed that lately both the client_id and client_secret start with the prefix papi-. Should this be expected based on https://developer.personio.de/changelog/authentication-api-improved-bearer-token?

Best,

Erik