last person joined: 2 days ago 

Expand all | Collapse all

obtain Aruba ClearPass access token

Jump to Best Answer
  • 1.  obtain Aruba ClearPass access token

    Posted Dec 11, 2019 04:28 AM

    I would like to access the Aruba ClearPass REST API. The administrator granted me access to ClearPass with an account using


    as the username and 


    as the password. First I created an API client, these are my settings:



    Next I want to obtain an access token, so I pass in my credentials



    Unfortunately I get a 401 response


      "type": "",
      "title": "invalid_grant",
      "status": 401,
      "detail": "Invalid username and password combination"

    I also tried to use Postman for testing purposes. I call a POST with the url 


    but instantly get this response


    What am I missing or what might be wrong? Thanks in advance


  • 2.  RE: obtain Aruba ClearPass access token
    Best Answer

    Posted Dec 11, 2019 04:57 AM



    Do you have a Oauth2 service ?


    With a token it is working ?

  • 3.  RE: obtain Aruba ClearPass access token

    Posted Dec 11, 2019 05:18 PM



    Which version of ClearPass are you using?


    You would have auto generated client secret while creating the API client. Or if you API client has already been created, you would have option to generate client secret while editing the existing API client. 


    Once you have the client id and client secret, you would be able to generate a token. Refer the python script in Aruba's Official GitHub Repo which does that.


        url = "https://<clearpass_fqdn>/api/oauth"
        headers = {'Content-Type':'application/json'}
    # grant_type: password payload = {

  • 4.  RE: obtain Aruba ClearPass access token

    Posted Dec 12, 2019 04:01 AM

    Your logs indicate that the username & password are not accepted. Do you see the authentication for the username that you used in Access Tracker?


    Here is the service that I have in my deployment for the REST user authentication:

    Screen Shot 2019-12-12 at 09.54.24.png

    Please make sure you see the authentication coming in in Access Tracker, match on the right service, and return an Application Accept.