400 unsupported_grant_type

POST https://app.asana.com/-/oauth_token


content-type:application/json; charset=UTF-8


“client_id”: “1204XXXXXXXXXXX”,
“code_verifier”: “705bdf87-a0fc-4f8e-b0d3-79736720ab9e”,
“grant_type”: “authorization_code”,
“redirect_uri”: “https://domain.com/oauth2redirect


code_verifier: random UUID String
code: return query code in redirect_url

Response 400:

“error”: “unsupported_grant_type”,
“error_uri”: “https:\u002F\u002Fasana.com\u002Fdevelopers\u002Fdocumentation\u002Fgetting-started\u002Fauthentication”,
“error_description”: “The supported grant types are authorization_code and refresh_token.”


curl --location ‘https://app.asana.com/-/oauth_token
–header ‘Content-Type: application/json; charset=UTF-8’
–header ‘Cookie: logged_out_uuid=6270cf9cd5c1f9861932e2a48b0692e3’
–data ‘{
“client_id”: “120XXXXXXXXXX”,
“code_verifier”: “705bdf87-a0fc-4f8e-b0d3-79736720ab9e”,
“grant_type”: “authorization_code”,
“redirect_uri”: “https://dominio.com/oauth2redirect

the api was also executed in postman getting the same error.

Please someone who can explain to me the reason for the error and how to solve it.

Hi @Bruno_Daniel_Navarro,

While not illustrated here, I will assume you’ve successfully done the first step of the OAuth process and it’s returned to you the value that you’re then putting into the code parameter in your illustrated call - correct?

If so…

I’m not sure if this is the problem or not, but you’re sending your message as json-encoded while the API docs say

passing the parameters as part of a standard form-encoded POST body.