I am using the Server flow model for OAuth2. Initially, I can get the authorization and refresh tokens. No issue so far. I have the code set to send the refresh token up every hour (I moved this back from my initial 2 hours) in order to ensure that we have a current token. To my understanding, unless my local authorization fails to trigger, I shouldn't have to interact with the authorization from then on. It should refresh, get the new authorization and refresh tokens and move along. However, the authorization fails periodically, apparently for no reason at all. I simply get back a failed authorization. Additionally, I have an authorization page set up so myself and my fellow devs can get a new authorization and refresh token in case of these failures. This will get a new access code, and then immediately fail to authorize. Additionally, it looks like every 3 weeks or so I have had to go in and refresh the Secret Key, as the authorization fails repeatedly and no amount of new access codes/authorization codes/refresh tokens will work. My flow is as follows: 1) Get the Access code from our front-end UI, which opens a CC page and allows login. The returned code gets saved to our local DB. 2) My automated process checks for a current refresh token/authorization code. a) if found, the service moves along. b) if not found, the call gets made to CC to get the new authorization and refresh tokens. Step 2b is what fails periodically. No return code message aside from "Bad authorization" or "Authorization Code invalid" comes back. Why am I having to manually refresh this, and why would the Secret Key require a reset EVER? EDIT: My back-end is C# using the V3API. The front end also uses V3 API and is a vb.net web application
... View more
