Buses Realtime Authentication Issues

When accessing the Realtime trip update feed I am getting authentication errors, however if I access the buses vehicle position feed that is downloading without issues using the same AAuth information. Can this be investigated? Appears to be happening intermittedly.

Hi @jason120au, can you please give me the command you’re using to access the feed (don’t post your API key) so we can investigate this further. Also please confirm what error you’re getting.


Its the standard PHP curl code passing the authentication bearer as a header. The authentication code is valid. The feed is also returning a blank file also intermittently.

Hi @jason120au, are you passing the grant type and scope parameters in the post body?

Eg. curl -X POST -H “Authorization: Basic xxxxxxx” --data ‘grant_type=client_credentials&scope=user’ https://api.transport.nsw.gov.au/auth/oauth/v2/token

yes passing the grant and scope stuff

I have been seeing this happen today for a period of about 5 minutes between 8:24pm and 8:29pm I was getting authentication errors. The code below is what I am using to obtain a authenication code.
$url = https://xxxxxxx:yyyyyyy@api.transport.nsw.gov.au/auth/oauth/v2/token?scope=user&grant_type=client_credentials
$params = array(

function httpPost($url,$params)
$postData = ‘’;
//create name value pairs seperated by &
foreach($params as $k => $v)
$postData .= $k . ‘=’.$v.‘&’;
$postData = rtrim($postData, ‘&’);

$ch = curl_init();  

curl_setopt($ch,CURLOPT_HEADER, false); 
curl_setopt($ch, CURLOPT_POST, count($postData));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);    


return $output;


I have noticed that if I authenticate using the API key instead of using OAuth it almost always works. The vehicle position feed which uses the exact same code always works where is the trip realtime feed does not.

Hi Jason

Are you doing more than 5 calls per second for this API? I’m not sure why oauth would be different than using an API key as it should be the same. The current default plan limits to 5 calls per second. Some of our other forum members have suggested just shifting the calls by a second so there is no clashing.

Also just to be sure you aren’t over the rate limit, “real time files are updated every 15 to 30 seconds. It is recommended that you update every 30 seconds” (from our Troubleshooting page.)

Let us know if that helps.

The cron job runs every 2 minutes so I won’t say I would be reaching any limits.

Thanks. We’re getting this investigated.

If you do find any other details that may help with our troubleshooting please post it here or send either Alex or myself a direct message.

Hi Jason

Can you try again? Our services have been updated overnight and hopefully the problem is resolved using OAuth. If not the suggestion is to move to using an API key.


I have noticed that it has improved over the past few days and I haven’t noticed any failed authentication attempts. Thank you for your help.

1 Like