Api Key Refresh

API Q&A
1

Hello.

I am trying to use the API to request info from my Infusionsoft Dashboard.

All personal info in this post has been obfuscated.

  1. From https://keys.developer.infusionsoft.com/apps/mykeys i can get access to my Client ID and my Client Secret.

devdash
devdash2673×1116 132 KB

  1. Using these two values i can generate a access token and refresh token from https://accounts.infusionsoft.com/app/central/home

appDash
appDash1236×1440 101 KB

So now i have an access token and a refresh token.

Using the REST Api, i can get client information using curl.

curl ‘https://api.infusionsoft.com/crm/rest/v1/contacts/6’ -H “Authorization: Bearer #########” -H ‘Accept: application/json’ -H ‘Content-Type: application/json’ -X GET

This works and returns my customer information.

Now i want to refresh an access token using the REST api.

Here the Auth header is “Basic + base64_encode(CLIENT_ID + ‘:’ + CLIENT_SECRET)” where CLIENT_ID & CLIENT_SECRET are taken from the developer dashboard, shown in image 1. This tool was used to encode the id and secret - https://www.base64encode.org before entering it into curl

curl ‘https://api.infusionsoft.com/token’ -H ‘Authorization: Basic ##########’ -H ‘Accept: application/json’ -H ‘Content-Type: application/json’ -X POST -d ‘{ “grant_type”:“refresh_token”, “refresh_token”:“###########”}’

The response is {“error”:“invalid_request”,“error_description”:“response_type or grant_type is required”}

A similar issue is found in the forum but their solution does not work here. The OP closed the question and creates the following post.

In this question, the OPs issue is the space in the Auth Header. Not the issue here.

If you need any more information, please let me know.

2

This:

will not resolve correctly. Your header should be "Authorization: Basic "+Base64(id:secret) but the way your quotes (double and single) and plus signs are arranged, that’s not what you’ll get. Have you tried printing this to the screen to see that it resolves to the string you’re looking for?

1 Like
3

@John_Borelli I’ve repeated the request with adjusted formatting

curl ‘https://api.infusionsoft.com/token’ -H ‘Authorization: Basic ###########=’ -H ‘Accept: application/json’ -H ‘Content-Type: application/json’ --data ‘{“grant_type”:“refresh_token”,“refresh_token”:“#######”}’ -X POST

{“error”:“invalid_request”,“error_description”:“response_type or grant_type is required”}

As for the plus signs… that is cut and pasted from the documentaiton.
Example pseudo code: Basic + base64_encode(CLIENT_ID + ‘:’ + CLIENT_SECRET) here OAuth2 Authentication - Keap Developer Portal

To generate the base64_encoded string is used https://www.base64encode.org.

If i put the incorrect string for the basic auth token i get {“error”:“invalid_client”}

This suggests that the header is correct as the issue i am facing is not authorization but the grant_Type.

“error”:“invalid_request”,“error_description”:“response_type or grant_type is required”}

Should i be using JSON as the -d parameter in curl? Or should it be url encoded?

4

So start at the beginning. How are you sending cURL? command line, code, Postman? This can make a difference in answering the rest.

1 Like
5

@John_Borelli Certainly. I am using cUrl from the command line. On a mac.

6

@Gavin_Nathan Thanks for taking the time to post what you’ve tried. I think at least part of the trouble is how curl is being told to make the request.

Instead, of using -d (or --data) with JSON, use query string parameters. Let me know how that goes for you.

(Updated this post to remove erroneous info and provide correct info as provided by Brad.)

1 Like
7

The POST needs to be application/x-www-form-urlencoded like the example below.

POST /token HTTP/1.1
     Host: server.example.com
     Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
     Content-Type: application/x-www-form-urlencoded

     grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA
3 Likes
8

@bradb @mike.christianson

public OAuthModel RefreshApiToken(string refreshToken)
        {
            // exchange authorization code at authorization server for an access and refresh token
            Dictionary<string, string> post = null;
            post = new Dictionary<string, string>
            {
                {"refresh_token", refreshToken},
                {"grant_type", "refresh_token"}
            };
            using (var client = new HttpClient())
            {
                try
                {
                    client.BaseAddress = new Uri(tokenUrl);
                    client.DefaultRequestHeaders.Authorization  = new AuthenticationHeaderValue(
                                        "Basic",
                                        Convert.ToBase64String(
                                        System.Text.ASCIIEncoding.ASCII.GetBytes(
                                        string.Format("{0}:{1}", _businessId, _apiKey))));

                    var postContent = new FormUrlEncodedContent(post);
                    var tokenResponse = client.PostAsync("token", postContent).Result;

                    tokenResponse.EnsureSuccessStatusCode(); // Throw in not success
                    var content = tokenResponse.Content.ReadAsStringAsync().Result;
                    var responseModel = JsonConvert.DeserializeObject<OAuthModel>(content);
                    return responseModel;
                }
                catch (HttpRequestException e)
                {
                }
                return new OAuthModel();
            }
        }

This totally worked! Thank you!

Using - FormUrlEncodedContent

Regards,

Daniel

1 Like