When I try to convert my access code to an access token I'm getting the error: Status 400. Authorization code is invalid or expired Error: invalid_grant
I formerly had this working, but moved code to my local dev machine. The steps I tried taking:
1) Delete existing auth token/refresh token file
2) Called
https://api.cc.email/v3/idfed?client_id=<redacted>&redirect_uri=https%3A%2F%2Flocalhost&response_type=code&scope=account_read+account_update+contact_data
3) When this returned a page on my browser, I logged in. I then took the auth code from the redirect url (?code=xxxxxxxxxxxxxx)
4) I called the following code, setting the authCode to xxxxxxxxxxxxxx from the step above
String tokenFromAuthCodeUrl = "https://idfed.constantcontact.com/as/token.oauth2?code=" + authCode +
"&redirect_uri=https://localhost&grant_type=authorization_code";
HttpRequest httpRequest = null;
java.net.http.HttpResponse< String > response = null;
HttpClient httpClient = HttpClient.newBuilder().build();
httpRequest = HttpRequest.newBuilder()
.uri( URI.create( tokenFromAuthCodeUrl ) )
.header( "Authorization" , refreshTokenHeadersMap.get( "Authorization" ) )
.POST( HttpRequest.BodyPublishers.ofString( "" ) )
.build();
response = httpClient.send( httpRequest , java.net.http.HttpResponse.BodyHandlers.ofString() );
5) The response returned is Status 400. Authorization code is invalid or expired Error: invalid_grant
I'm not sure where to go from here. Can anyone see a problem with what I'm doing?
Solved! Go to Solution.
i will ask the obvious: did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code? Because: "The authorization code has a 60 second lifetime." If that is not the problem, then can you post copy of your httpRequest so we see the details.
i will ask the obvious: did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code? Because: "The authorization code has a 60 second lifetime." If that is not the problem, then can you post copy of your httpRequest so we see the details.
Not so obvious
Yes, that was the problem. I wasn't aware of the short life of the Auth Code.
Thanks!
The holidays have come and gone. For many seasonal businesses, this means the rush of shoppers has decreased as well. Instead of turning off the lights and waiting for spring, make your email marketi...
See Article