❌ Getting 403 or Invalid Client Secret with Upstox API on Replit (OAuth2 Integration Help Needed)

:page_facing_up: Body:

Hi everyone,
I’m building a real-time F&O IV Spike Detection System using:


:puzzle_piece: Problem:

I’m trying to integrate the Upstox OAuth2 flow, but keep getting:

json

CopyEdit

{
  "status": "error",
  "errors": [{
    "errorCode": "UDAPI100069",
    "message": "Check your 'client_id' and 'client_secret'; one or both are incorrect."
  }]
}

I’ve confirmed:

  • My client_id and client_secret are correctly copy-pasted
  • My redirect_uri is set to https://127.0.0.1:5000/ (same in app + request)
  • I generated the code successfully after logging in

Still getting this error when exchanging the code for a token via:

bash

CopyEdit

curl -X POST https://api.upstox.com/v2/login/authorization/token \
  -d "code=..." \
  -d "client_id=..." \
  -d "client_secret=..." \
  -d "redirect_uri=https://127.0.0.1:5000/" \
  -d "grant_type=authorization_code"

@KEVIN_2193820 This might be helpful