@Von_Villafuerte Please correct me if I’m wrong but the base64 encode should be for the key:secret instead of a username and password. The Key and secret can be found in the developer center here: https://keys.developer.infusionsoft.com/apps/mykeys
I would like to make sure that we aren’t getting ahead of ourselves though. To confirm the user is clicking the “Allow” button which is returning an authorization code to your script and the script is then returning the code to get the access token and the refresh token? Calls using the Access token are working correctly it is just that the refresh of an access token isn’t working where a POST is made to https://api.infusionsoft.com/token with the header that looks like this:
Authorization: Basic xxxxxxxxxxxxxxxxx
and the request body sent like this:
Where “MyRefresh” is the most recent refresh token that was authored for the developer application per user per application.