Adding/Removing/Managing Contacts by API & Access Tokens don't make any sense

My goal is to manage my contacts by API. I am using the PHP SDK.

I have a website, I have a CRM, and I want to use infusionsoft for email marketing.

When I push a new lead on my CRM, I want to push the lead to infusionsoft as a new contact, or modify the contact if it already exists. I want this all to happen in the background. Pretty straightforward stuff.

Now, I am trying to implement this and I’m stuck at the access token part. First of all, I don’t fully understand the access token logic because the documentation is weak, to say the least.

I have registered an app on mashery for which I have a clientID and secret.
I go here, hit the API Access link, and I generate an access token and a refresh token: https://accounts.infusionsoft.com/app/central/home

On my script, my understanding is that I first need to create my infusionsoft object as such:

$infusionsoft = new Infusionsoft\Infusionsoft(array(
‘clientId’ => env(‘INFUSIONSOFT_CLIENT_ID’),
‘clientSecret’ => env(‘INFUSIONSOFT_SECRET’),
‘redirectUri’ => env(‘APP_URL’).‘/api/v2/infusionsoft/auth’
));

Then, I need to set a token, as such:
$infusionsoft->setToken($myToken); // here i use the access token I generated

And then I try to use the infusionsoft object to start managing contacts, but I get a not so nice Token Expired Exception. I try again with the refresh token, same problem.

I look for guidance in the PHP SDK, inside the addWithDupCheck.php file, but that basically gets you to use the API to generate an authorization URL, click a button, to generate a code with which you generate an access token, which defeats the purpose of using an API because it requires you to manually click a button.

So, I’m stuck.

(a) can someone explain the logic behind these tokens?
(b) how can I automate token generation to support my use case
(c) what am I doing wrong?

OAuth has some key differences and IS has some additional expiration requirements than other authentication methods. I have a video that might help clear some of it up:

30 minute video?
Cant you guys just write up API and SDK documentation

So exaggerating a 17 minute video to start with. By ‘You Guys’ you are referring to the 80% community (not IS employees) that helps others on their own time completely free of charge.

care to try again :stuck_out_tongue_winking_eye:

Sorry but none of this explains why my newly generated access token and refresh tokens don’t work.

I understand that I need to store these tokens in my DB and refresh them every 24 hours (and I built most of this functionality out already) but none of this helps explain why I get a Token Expired Exception.

I am bypassing the requestAccessToken()/auth code steps by getting the tokens through infusionsoft’s website. I don’t need to call refreshAccessToken() yet because 24 hours have not passed.

Okay so I hope this helps someone else using the PHP SDK.

What I was doing wrong is that I was using the access_token string as the parameter when calling $infusionsoft->setToken($token)

$token should actually be a Token object, as such:

$token_data = [
‘access_token’ => ‘YOUR_ACCESS_TOKEN’,
‘refresh_token’ => ‘YOUR_REFRESH_TOKEN’,
‘expires_in’ => ‘86400’
];
$token = new Infusionsoft\Token($token_data);
$infusionsoft->setToken($token);

Now from here, when your token expires, what I think you have to do is call this function:
$new_token = $infusionsoft->refreshAccessToken();

then you can grab $new_token->getAccessToken() or $new_token->getRefreshToken(), save them to your database, and take care of future API requests with the refreshed token.

And yes, you can grab your initial access and refresh tokens from here https://accounts.infusionsoft.com/app/central/home

Correct, that is one of the gotcha’s that the video warns against :stuck_out_tongue_winking_eye: We’ll mark this as solved to make it easier for those searching to find.