Problem getting access token

I am trying to set up a connection with Infusionsoft from Salesforce.
Below is my request, but I am getting an invalid client error in the response:
{"error":"invalid_client"} with code 401

Endpoint=https://api.infusionsoft.com/token?code=2rhd5mwyy2kfq8wrgeyckur6
&client_id=rtertretertert
&grant_type=authorization_code
&client_secret=rggeerbbdb
&redirect_uri=https://test.salesforce.com/services/authcallback/645rddbdbdd/InfusionSoft_Auth_Provider,
Method=POST

Hi @Itpro_Dave,

I made a video that should help to clear up some of the details:

Thanks for the video. I am doing the same process, but when I request the token I am getting this error: invalid client. It may be a permission issue, etc.

If you get that during your refresh cycle then that means that the token has been used or a new access grant has been given (which invalidates previous tokens) and you would have to re-authorize the app. Note that the access and refresh tokens change every time you do a refresh. You cannot continue to use the same ones. This is the most common occurrence of the ‘invalid client’ message.

Yes, I understand that, but I am getting this error when I am requesting the token, not refreshing the token. Please check my request in the previous question. Is there something wrong with that, or is there something else I have to do?

k, so I see that you have code=… in the URL, which normally would tell me that you’ve already gotten authorization. Meaning this call is for the access token and not the authorization token. If that’s the case then you have successfully used your client id and secret values. But your wording sounds more like you believe that the authorization process is actually the request for the access token, which it is not. Can you confirm that you have successfully gotten the authorization token first and that you are indeed using that authorization token returned to you by Infusionsoft to request the access token?

First I redirect to “https://signin.infusionsoft.com/app/oauth/authorize” with client_id, redirect_uri, response_type and scope,

and then I receive a code. After that I make the request below in order to get the token:

Endpoint=https://api.infusionsoft.com/token?code=2rhd5mwyy2kfq8wrgeyckur6
&client_id=rtertretertert
&grant_type=authorization_code
&client_secret=rggeerbbdb
&redirect_uri=https://test.salesforce.com/services/authcallback/645rddbdbdd/InfusionSoft_Auth_Provider,
Method=POST

But in response I got an invalid client error (401).

What is the authorization code? Or is it the same one I got in the response to the first request?

1 Like

Hi @Itpro_Dave,

I’m going to ask for your patience as I itemize some things that, during our conversation here, haven’t really been clearly stated. So while some of them may seem redundant or basic, please bear with me as I cross our T’s and dot our I’s:

  • What you have posted above ... it is not clear to me whether you are aware that this process only should be called once and then a refresh process called every 24 hours after that which keeps the resulting access valid.

  • In what you have posted above, you have hard coded ?code=2rhd5mwyy2kfq8wrgeyckur6. If you are sending this repeatedly, then it will fail. That token is valid for only a few minutes and is meant to be thrown away, permanently. Even if you were to call the above repeatedly, you would have to dynamically set that token value rather than use any previous one.

  • Once the /token endpoint calls back, you will be sent a json string in the body of the callback with the following information:
    object(stdClass)[2]
      public 'access_token' => string '{access token here}' (length=24)
      public 'token_type' => string 'bearer' (length=6)
      public 'expires_in' => int 86400
      public 'refresh_token' => string '{refresh token here}' (length=24)
      public 'scope' => string 'full|ab123.infusionsoft.com' (length=27)
      public 'applicationName' => string 'ab123' (length=5)

  • You must use the refresh token to request an extension to the lease for access between your developer credentials and the app you have access to. When you request refresh, a brand new set of access/refresh tokens will be returned and you will have to use those until refresh is again called ... and so on and so forth. In this way you are able to avoid someone having to re-authorize their app on a daily basis.

  • Some definitions (for clarity's sake):
    Authorization token is the very temporary token you get from that first call (to /authorize) which gives you permission to request access from the app owner.
    Access token is the token returned by the second call you are using or by the refresh call that represents your access rights to the app that has been authorized by the app owner/user. This is what you will use for api calls.
    Refresh token is what you must use to request replacement tokens for what has already been authorized. Once having requested the refresh successfully, the previous tokens are no longer valid.

Hi @John_Borelli,

Thanks for bearing with me; here is what I am doing.

I need to integrate Infusionsoft with Salesforce.

First I redirect to “https://signin.infusionsoft.com/app/oauth/authorize” along with client_id, redirect_uri, response_type and scope. For client_id and redirect_uri we can suppose here any random number and URL, because I don’t want to publish them on the community.

After that I get redirected to the redirect_uri and I also get a code in the response, and using that code I make a new request which looks like

Endpoint=https://api.infusionsoft.com/token?code=2rhd5mwyy2kfq8wrgeyckur6
&client_id=rtertretertert
&grant_type=authorization_code
&client_secret=rggeerbbdb
&redirect_uri=https://test.salesforce.com/services/authcallback/645rddbdbdd/InfusionSoft_Auth_Provider,
Method=POST

Here the code is not static; it is dynamic and changes every time I hit the URL. Here I just typed a random number.

So from this request I am not getting a response like the one you posted above:
/************************************************************************************/
Once the /token endpoint calls back, you will be sent a json string in the body of the callback with the following information:
object(stdClass)[2]
  public 'access_token' => string '{access token here}' (length=24)
  public 'token_type' => string 'bearer' (length=6)
  public 'expires_in' => int 86400
  public 'refresh_token' => string '{refresh token here}' (length=24)
  public 'scope' => string 'full|ab123.infusionsoft.com' (length=27)
  public 'applicationName' => string 'ab123' (length=5)

/************************************************************************************/

I am not getting the above response; instead I get invalid client (401). I haven't gotten the token a single time, so refreshing the token comes after that; before that I need to get the token at least once.

Maybe this is because of some permission which needs to be given to the user in order to gain access, because as the error says invalid client, I think the user doesn't have permission. So if you can, let me know how to give permission to the user.

If you can provide me your Skype ID then I can call you and explain it better.

Not sure why your token request is passing everything in via the query string (at least that is what it looks like from your post). That should be in the post body and x-www-form-urlencoded. Also you need to make sure your redirect_uri you passed in to the authorize is the same as you pass into the token request. If not you will get a 401 as well.

2 Likes
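The two checks from the answer above (parameters in an x-www-form-urlencoded POST body rather than the query string, and the same redirect_uri in both steps), as an added example that is not part of the original thread. The function names and all sample values are constructed for illustration; the request is built but never sent.

```python
from urllib.parse import urlsplit, parse_qsl, urlencode
from urllib.request import Request

TOKEN_URL = "https://api.infusionsoft.com/token"  # endpoint quoted in the thread
FORM = "application/x-www-form-urlencoded"
SENSITIVE = {"code", "client_id", "client_secret", "grant_type",
             "redirect_uri", "refresh_token"}

def audit_token_request(url, body, content_type, authorize_redirect_uri):
    """Return the problems found in a token request (hypothetical helper)."""
    problems = []
    query = parse_qsl(urlsplit(url).query)
    in_query = {k for k, _ in query} & SENSITIVE
    if in_query:
        # Query strings end up in proxy and server logs, secret included.
        problems.append("parameters in query string: " + ", ".join(sorted(in_query)))
    if content_type != FORM:
        problems.append("body is not x-www-form-urlencoded")
    params = dict(query + parse_qsl(body))
    # Compared as an exact string: a trailing slash or comma is a mismatch.
    if params.get("redirect_uri") != authorize_redirect_uri:
        problems.append("redirect_uri differs from the one sent to /authorize")
    return problems

def build_token_request(code, client_id, client_secret, redirect_uri):
    """Build (not send) the code exchange with every parameter in the body."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,  # single use: take it from the callback each time
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
    })
    return Request(TOKEN_URL, data=body.encode(), method="POST",
                   headers={"Content-Type": FORM})

if __name__ == "__main__":
    # Constructed values shaped like the request posted in the thread.
    bad = (TOKEN_URL + "?code=CONSTRUCTED_CODE&client_id=CONSTRUCTED_ID"
           "&grant_type=authorization_code&client_secret=CONSTRUCTED_SECRET"
           "&redirect_uri=https://example.test/callback/")
    for p in audit_token_request(bad, "", None, "https://example.test/callback"):
        print("-", p)
```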

Hey, I am not able to refresh an access token.
I am sending $args to https://api.infusionsoft.com/token and in the response I am getting the error "error":"invalid_grant","error_description":"Invalid refresh token"
$args = Array
(
    [timeout] => 45
    [httpversion] => 1.0
    [blocking] => 1
    [body] => Array
        (
            [grant_type] => refresh_token
            [refresh_token] => fj5ws57zrwmvzntf9h62eha8
        )

    [headers] => Array
        (
            [Authorization] => Basic {base64 encoded clientid : client_secret}
        )

    [method] => POST

)
Is there something wrong with that, or is there something else I have to do?

Usually that error means you already consumed that refresh token or the refresh token is expired (more than 180 days old). Also you have basically posted your client_id and password. I have edited your post to remove those.

1 Like
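The rotation behaviour described in this thread (every refresh returns a new access/refresh pair and a consumed refresh token is rejected with invalid_grant), as an added example that is not part of the original posts. `FakeTokenEndpoint` is a constructed stand-in for the /token endpoint so the code runs offline; `TokenStore` and `ReauthorizationRequired` are hypothetical names.

```python
import time

class FakeTokenEndpoint:
    """Constructed stand-in for /token: rotates both tokens on every grant."""
    def __init__(self):
        self._n = 0
        self._live_refresh = None

    def _issue(self):
        self._n += 1
        self._live_refresh = f"refresh-{self._n}"
        return {"access_token": f"access-{self._n}", "token_type": "bearer",
                "expires_in": 86400, "refresh_token": self._live_refresh}

    def authorize(self):
        # A new access grant invalidates the previous tokens.
        return self._issue()

    def refresh(self, refresh_token):
        if refresh_token != self._live_refresh:
            return {"error": "invalid_grant",
                    "error_description": "Invalid refresh token"}
        return self._issue()

class ReauthorizationRequired(Exception):
    """The stored refresh token is dead; the app owner must authorize again."""

class TokenStore:
    def __init__(self, endpoint, grant, now=time.time):
        self.endpoint, self.now = endpoint, now
        self._save(grant)

    def _save(self, grant):
        # Replace access and refresh token together, never one without the other.
        self.access_token = grant["access_token"]
        self.refresh_token = grant["refresh_token"]
        self.expires_at = self.now() + grant["expires_in"]

    def get_access_token(self, skew=300):
        # Refresh shortly before expiry and persist the new pair at once.
        if self.now() >= self.expires_at - skew:
            reply = self.endpoint.refresh(self.refresh_token)
            if "error" in reply:
                raise ReauthorizationRequired(reply["error_description"])
            self._save(reply)
        return self.access_token
```

In a real integration `_save` would write the pair to durable storage before the new access token is used, so that a crash between refresh and save does not leave only the consumed refresh token on disk.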