• Constant Contact Logo
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
 

Authorization code is invalid or expired error

SOLVED
Go to solution
FirstNameL86527
Member
‎01-18-2021 02:24 PM
‎01-18-2021 02:24 PM

When I try to convert my access code to an access token I'm getting the error:  Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I formerly had this working, but moved code to my local dev machine.  The steps I tried taking:

 

1)  Delete existing auth token/refresh token file

2) Called 

https://api.cc.email/v3/idfed?client_id=<redacted>&redirect_uri=https%3A%2F%2Flocalhost&response_type=code&scope=account_read+account_update+contact_data

3)  When this returned a page on my browser, I logged in.  I then took the auth code from the redirect url (?code=xxxxxxxxxxxxxx)

4)  I called the following code, setting the authCode to xxxxxxxxxxxxxx from the step above

String tokenFromAuthCodeUrl = "https://idfed.constantcontact.com/as/token.oauth2?code=" + authCode +
        "&redirect_uri=https://localhost&grant_type=authorization_code";

HttpRequest httpRequest = null;
java.net.http.HttpResponse< String > response = null;
HttpClient httpClient = HttpClient.newBuilder().build();

httpRequest = HttpRequest.newBuilder()
        .uri( URI.create( tokenFromAuthCodeUrl ) )
        .header( "Authorization" , refreshTokenHeadersMap.get( "Authorization" ) )
        .POST( HttpRequest.BodyPublishers.ofString( "" ) )
        .build();

response = httpClient.send( httpRequest , java.net.http.HttpResponse.BodyHandlers.ofString() );

5)  The response returned is Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I'm not sure where to go from here.  Can anyone see a problem with what I'm doing?

 

0 Votes
1 ACCEPTED SOLUTION
raleighb3
Member
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

View solution in original post

2 REPLIES 2
raleighb3
Member
‎01-22-2021 01:56 PM
‎01-22-2021 01:56 PM

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

FirstNameL86527
Member
In response to raleighb3
‎01-22-2021 03:09 PM
‎01-22-2021 03:09 PM

Not so obvious

Yes, that was the problem.  I wasn't aware of the short life of the Auth Code. 

 

Thanks!

0 Votes
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up