Works like a boss, Bradley, take the rest of the day off. My problem was a little skull-thickness and a disconnect with the concept of refreshing the access token AND the refresh token with the refresh call, I’m less dumber now – thank you.
Phil, there’s no problem with this API call or Keap’s OAuth implementation, I refreshed it half a dozen times which is 100% automatable - no need for you to do this manually. I’ve written more than my fair share of PHP and looked at your code, there’s nothing there handling or persisting/saving the required refresh_token. I’m persisting with AWS Secrets Manager, could be done just as easily w/ a db like Bradley referenced, heck you could do this w/ a flat file (strongly recommend encrypting).
I hope will help someone like me.
curl --location --request POST 'https://api.infusionsoft.com/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=xxx' \
--data-urlencode 'client_id=xxxx' \
PHP example for Phil
$client = new http\Client;
$request = new http\Client\Request;
$body = new http\Message\Body;
'grant_type' => 'refresh_token',
'refresh_token' => 'xxxx',
'client_id' => 'xxxx',
'client_secret' => 'xxxx')));$request->setBody($body);
'Content-Type' => 'application/x-www-form-urlencoded'
$response = $client->getResponse();
Phil’s Solution Proposal
Phil, decouple API authentication from your add contact method/function and never refresh that API
access_token manually again.
- Fire a cron/scheduled job every 24 hours.
- Wire it to that☝️ PHP API call.
- From the response, you’ll get a fresh + valid
refresh_token, with a little more PHP, write those key/values to an encrypted flat file.
- Whenever you fire your
addContact() code, read + decrypt the access token from that encrypted flat file.