cancel
Showing results for 
Search instead for 
Did you mean: 

Access token expired in V3

Occasional Contributor

Access token expired in V3

I am looking to upgrade constant contact api to V3 api. For making api calls I need the access token. I generated access token using OAuth2.0 Client Flow. And tested  api call get contacts. Its is working. After few times I call the api but gives the error unauthorized access token. It was because of the access token get expired. In OAuth2.0 Client Flow it is saying that the life span of access token in some hours.

 

So how I use this for long term use. That is I have to generate new access token time to time and it is not practical.

Currently I am using the api to retrieve/add/update contacts to constant contact account. In constant contact  api I don't face this type of issue, because there access token is not expired.

5 REPLIES 5
Moderator

Re: Access token expired in V3

Hello @AprilD761 ,

 

Thank you for reaching out to Constant Contact's API Support.

 

If you continue going through the oAuth documentation for v3 you will notice that it mentions a Refresh Token section after the Access Token section. You use the Refresh Token to get a new Access Token. You can find this documentation here


Regards,
Jimmy D.
Tier II API Support Engineer
Occasional Contributor

Re: Access token expired in V3

Yes, I tried the OAuth2.0 Server Flow also.

As you mentioned, we use the Refresh Token to get a new Access Token. This will also expire. In step 4, we can generate Access Token and a Refresh Token using Authorization Code. And when the Access Token expired using the Refresh Token we can regenerate new Access Token and refresh token.

 

That is time to time Access Token get expired and using the refresh token we generate new access token.

 

So time to time I have to change the code. Right?

Moderator

Re: Access token expired in V3

Hello,

 

Refresh Tokens do not expire the way that Access Tokens do.

 

When using the Server flow, you are given a Refresh Token as well as an Access Token. When your Access Token has expired, you can exchange the Refresh Token for a new Access Token as well as a new Refresh Token. You would then continue doing this with the new Refresh Tokens obtained.


Regards,
David B.
Tier II API Support Engineer

 

 

Occasional Contributor

Re: Access token expired in V3

Hi, 

As you said

Refresh Tokens do not expire the way that Access Tokens do.

 

I got:  string(92) "{"error_description":"unknown, invalid, or expired refresh token","error":"invalid_grant"} "

 

My code is: 

function refreshToken($refreshToken, $clientId, $clientSecret) {
    $ch = curl_init();
    $base = 'https://idfed.constantcontact.com/as/token.oauth2';
    $url = $base . '?refresh_token=' . $refreshToken . '&grant_type=refresh_token';
    curl_setopt($ch, CURLOPT_URL, $url);
    $auth = $clientId . ':' . $clientSecret;
    $credentials = base64_encode($auth);
    $authorization = 'Authorization: Basic ' . $credentials;
    curl_setopt($ch, CURLOPT_HTTPHEADER, array($authorization));

    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}
$refreshToken = "xxxxxx";
$clientId="xxxxxxxx";
$clientSecret="xxxxxxxx";

var_dump(refreshToken($refreshToken,  $clientId, $clientSecret));
Moderator

Re: Access token expired in V3

Hi @AprilD761,

 

Your code looks correct. You would get an error if somehow the $refreshToken was accidentally pulling in the Access Token instead of the previous Refresh Token. Since we cannot see the rest of the code I would ensure it is pulling in the correct value.


Regards,
Jimmy D.
Tier II API Support Engineer