When I try to convert my access code to an access token I'm getting the error: Status 400. Authorization code is invalid or expired Error: invalid_grant
I formerly had this working, but moved code to my local dev machine. The steps I tried taking:
1) Delete existing auth token/refresh token file
2) Called
https://api.cc.email/v3/idfed?client_id=<redacted>&redirect_uri=https%3A%2F%2Flocalhost&response_type=code&scope=account_read+account_update+contact_data
3) When this returned a page on my browser, I logged in. I then took the auth code from the redirect url (?code=xxxxxxxxxxxxxx)
4) I called the following code, setting the authCode to xxxxxxxxxxxxxx from the step above
String tokenFromAuthCodeUrl = "https://idfed.constantcontact.com/as/token.oauth2?code=" + authCode +
"&redirect_uri=https://localhost&grant_type=authorization_code";
HttpRequest httpRequest = null;
java.net.http.HttpResponse< String > response = null;
HttpClient httpClient = HttpClient.newBuilder().build();
httpRequest = HttpRequest.newBuilder()
.uri( URI.create( tokenFromAuthCodeUrl ) )
.header( "Authorization" , refreshTokenHeadersMap.get( "Authorization" ) )
.POST( HttpRequest.BodyPublishers.ofString( "" ) )
.build();
response = httpClient.send( httpRequest , java.net.http.HttpResponse.BodyHandlers.ofString() );
5) The response returned is Status 400. Authorization code is invalid or expired Error: invalid_grant
I'm not sure where to go from here. Can anyone see a problem with what I'm doing?
Solved! Go to Solution.
i will ask the obvious: did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code? Because: "The authorization code has a 60 second lifetime." If that is not the problem, then can you post copy of your httpRequest so we see the details.
i will ask the obvious: did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code? Because: "The authorization code has a 60 second lifetime." If that is not the problem, then can you post copy of your httpRequest so we see the details.
Not so obvious
Yes, that was the problem. I wasn't aware of the short life of the Auth Code.
Thanks!
Support Tips
"There's a multitude of ways to engage your audience through us using your social platforms - via ads, social post metrics, email links, and more! " - Will
See ArticleSupport Tips
"Target your most engaged contacts by creating a segment. Create a special offer or show your appreciation!" - Caitlin
See ArticleSupport Tips
"Greet new contacts with one or more automated Welcome Emails depending on their interests or your business goals." - Nick
See Article