Encryption request with access denied in pivotal config server

When I run the script below, I get the following return:

{"error": "access_denied", "error_description": "Access is denied"}

How do I solve this problem?

const request = require('request');
 
request({
  url: 'access_token_uri',
  method: 'POST',
  auth: {
    user: 'client_id',
    pass: 'client_secret'
  },
  form: {
    'grant_type': 'client_credentials'
  }
}, function(err, res) {
  var json = JSON.parse(res.body);
  encrypt(json.access_token, 'word');
});

function encrypt(token, word){
  request({
    url: 'uri/encrypt',
    method: 'POST',
    auth: {
      'bearer': token
    },
    body: word
  }, function(err, res) {
    console.log(res.body);
  });
}

It's a little hard to tell from your sample, but I think you're getting the wrong type of token. For the /encrypt endpoint, you'd want a password based token.

See the section Get a Password Credentials Access Token for more detals (I can't link directly to that section, you have to scroll down to that it using the previous link).

The process is basically this:

1. cf login
2. cf oauth-token
3. curl -H "Authorization: <oauth-token>" https://uri/encrypt -d 'Value to be encrypted'

If you want to see the API's being used by the cf cli, you can export CF_TRACE=true (Bash) or set CF_TRACE=true (Windows) then repeat the commands. This will dump the HTTP request/response info.