I’m working on integrating with the Infor OS ION API Enterprise Quoting system using Postman v11.39.2 to retrieve data from the Quote and OrderLine endpoints. I’m encountering two persistent issues: an unsupported_grant_type error when fetching an access token and a 401 Unauthorized error when making API calls. I’ve made some progress but need help resolving these errors.

Project Details
API: Infor OS ION API Enterprise Quoting
Environment: [REDACTED_TENANT] (a test tenant)
Postman Version: v11.39.2
Authentication: OAuth 2.0 (initially using client_credentials, but the API seems to require password grant type)
Endpoints:
Token URL: https://[REDACTED_SSO_DOMAIN]:443/[REDACTED_TENANT]/as/token.oauth2
API Base URL: https://[REDACTED_API_DOMAIN]/[REDACTED_TENANT]/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities
Target Endpoints: /Entities/Quote and /Entities/OrderLine

Issue 1: unsupported_grant_type Error
When I attempt to fetch an access token using the client_credentials grant type, I get the following error:

Request:

Method: POST
URL: https://[REDACTED_SSO_DOMAIN]:443/[REDACTED_TENANT]/as/token.oauth2
Grant Type: client_credentials
Authorization: Basic Auth with client_id and client_secret encoded in the header

Response:

{
"error": "unsupported_grant_type",
"error_description": "Unsupported grant type client_credentials. Expected one of password"
}

Environment Variables (from my Postman environment):

{
"id": "[REDACTED_ENV_ID]",
"name": "inforCPQ Copy",
"values": [
{ "key": "tenant", "value": "[REDACTED_TENANT]", "type": "default", "enabled": true },
{ "key": "client_id", "value": "[REDACTED_CLIENT_ID]", "type": "default", "enabled": true },
{ "key": "client_secret", "value": "[REDACTED_CLIENT_SECRET]", "type": "default", "enabled": true },
{ "key": "token_url", "value": "https://[REDACTED_SSO_DOMAIN]:443/{{tenant}}/as/token.oauth2", "type": "default", "enabled": true },
{ "key": "api_base_url_new", "value": "https://[REDACTED_API_DOMAIN]/{{tenant}}/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities", "type": "default", "enabled": true }
]
}

The error suggests that the API expects the password grant type instead of client_credentials. However, I don’t have the username and password for the [REDACTED_TENANT] tenant yet (I’ve requested them from the API team). In earlier tests, client_credentials worked, so I’m unsure if the API configuration has changed.
 
Issue 2: 401 Unauthorized Error
When I make a GET request to the Quote endpoint using an existing token, I get a 401 Unauthorized error because the token has expired:

Request:

Method: GET
URL: https://[REDACTED_API_DOMAIN]/[REDACTED_TENANT]/CPQEQ/RuntimeApi/EnterpriseQuoting/Entities/Quote
Response:

{
"error": "Unauthorized"
}

Token Details:

iat: [REDACTED_TIMESTAMP] (a past timestamp)
exp: [REDACTED_TIMESTAMP] (a past timestamp, expired)
Request Time: [REDACTED_TIMESTAMP] (after token expiration)
The www-authenticate header confirms the token is invalid: Bearer realm="IONAPI", error="invalid_token".

OpenAPI Specification
Here’s the relevant part of the OpenAPI specification for the /Entities/{entityDefinitionName} endpoint I’m trying to access:

{
"paths": {
"/Entities/{entityDefinitionName}": {
"get": {
"summary": "Get a list of entity records",
"parameters": [
{
"name": "entityDefinitionName",
"in": "path",
"description": "The name of the entity.",
"required": true,
"schema": { "type": "string" }
}
],
"responses": {
"200": {
"description": "Action was successful.",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"items": { "description": "An array of the entity record objects returned by the query" },
"totalItems": { "description": "Total items returned by query" }
}
}
}
}
},
"401": { "description": "Unauthorized" },
"403": { "description": "Not authorized to execute the action." },
"404": { "description": "Entity record was not found." }
}
}
}
}
}

Steps I’ve Taken
Confirmed Endpoint: The /Entities/Quote and /Entities/OrderLine endpoints match the OpenAPI specification.
Updated Grant Type: I tried switching to the password grant type in Postman, but I’m waiting on the username and password from the API team.
Checked Token Expiration: The 401 Unauthorized error is due to an expired token, which I can’t refresh until I resolve the unsupported_grant_type issue.
Verified Environment: My Postman environment variables are resolving correctly (e.g., token_url and api_base_url_new).

Questions
How can I resolve the unsupported_grant_type error? Should I insist on using client_credentials if it worked before, or is switching to password the correct approach?
Once I get the username and password, how should I configure the password grant type in Postman to fetch a new token successfully?
Are there any additional headers or parameters I might be missing for the /Entities/Quote and /Entities/OrderLine endpoints?
If the entity name OrderLine is incorrect (e.g., I get a 404 Not Found after fixing authentication), how can I find the correct entity name for order lines in the Infor OS ION API?

Additional Context
I plan to automate this process in a Python script using the requests library once I get the API calls working in Postman.
I’ve already resolved a domain mismatch issue by updating the api_base_url_new variable to match the token’s audience.
Any help or suggestions would be greatly appreciated! Thanks in advance.