Community Home
Get Help
Events & Webinars
Groups
Resources
MyRewards

Authorization code is invalid or expired error

SOLVED
Go to solution
FirstNameL86527
Member
‎01-18-2021 02:24 PM
0 Votes
‎01-18-2021 02:24 PM

When I try to convert my access code to an access token I'm getting the error:  Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I formerly had this working, but moved code to my local dev machine.  The steps I tried taking:

 

1)  Delete existing auth token/refresh token file

2) Called 

https://api.cc.email/v3/idfed?client_id=<redacted>&redirect_uri=https%3A%2F%2Flocalhost&response_type=code&scope=account_read+account_update+contact_data

3)  When this returned a page on my browser, I logged in.  I then took the auth code from the redirect url (?code=xxxxxxxxxxxxxx)

4)  I called the following code, setting the authCode to xxxxxxxxxxxxxx from the step above

String tokenFromAuthCodeUrl = "https://idfed.constantcontact.com/as/token.oauth2?code=" + authCode +
        "&redirect_uri=https://localhost&grant_type=authorization_code";

HttpRequest httpRequest = null;
java.net.http.HttpResponse< String > response = null;
HttpClient httpClient = HttpClient.newBuilder().build();

httpRequest = HttpRequest.newBuilder()
        .uri( URI.create( tokenFromAuthCodeUrl ) )
        .header( "Authorization" , refreshTokenHeadersMap.get( "Authorization" ) )
        .POST( HttpRequest.BodyPublishers.ofString( "" ) )
        .build();

response = httpClient.send( httpRequest , java.net.http.HttpResponse.BodyHandlers.ofString() );

5)  The response returned is Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I'm not sure where to go from here.  Can anyone see a problem with what I'm doing?

 

1 ACCEPTED SOLUTION
raleighb3
Member
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

View solution in original post

2 REPLIES 2
raleighb3
Member
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

FirstNameL86527
Member
‎01-22-2021 03:09 PM
In response to raleighb3
0 Votes
‎01-22-2021 03:09 PM

Not so obvious

Yes, that was the problem.  I wasn't aware of the short life of the Auth Code. 

 

Thanks!

Support Tips

  • Avatar

    Support Tips

    Social Media

    "There's a multitude of ways to engage your audience through us using your social platforms - via ads, social post metrics, email links, and more! " - Will

    See Article
  • Avatar

    Support Tips

    Call-To-Action Links

    "Target your most engaged contacts by creating a segment. Create a special offer or show your appreciation!" - Caitlin

    See Article
  • Avatar

    Support Tips

    Welcome Your Audience

    "Greet new contacts with one or more automated Welcome Emails depending on their interests or your business goals." - Nick

    See Article