Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
Upon reviewing our logs for your keys, I found multiple instances of successful refresh token requests being made and then another refresh token request being made with the previous/expired refresh token, resulting in the “The refresh token is invalid or expired” error response you’ve encountered. It appears that when these successful refresh token requests are being made, the new refresh token is not being stored in your application for the next refresh token request.
When a refresh token is used, it becomes invalid and the new refresh token you received would need to be used for the next refresh request. This does not invalidate the existing/previous access token which will continue to be valid for the duration of its lifespan.
The Long Lived Refresh Tokens option does indeed work. When this option is selected, your refresh tokens would continue to be valid after you exchange them for a new access token. Because the original refresh token will continue to work, you will not receive a new refresh token when you refresh the access token.
Please let us know if you have any other questions!
... View more
Courtney, We were able to figure it out. When we reset the token manually, the scope was not set correctly in the request so the new one didn't have access, which is what the Insufficient Authorization Scopes message meant. That is good to know with those possible solutions, we'll take a look at those going forward. Thanks!
... View more