Error request new token via Refresh token

I could get token fine (access code → access token) and used it to make Api call into Keap. However few days later, trying to get new token with the Refresh Token call and have not be able to make a successful call yet. I am using Postman to make the request.

OAuth2 Authentication - Keap Developer Portal (

According to the document, it is just www-form body and Authentication header.(App client ID : client secret)


Getting 400 error code with this message:


Error body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }

An error occurred.

Sorry, the page you are looking for is currently unavailable.
Please try again later.


Hi Donna_Galassi,

Below are some details around using the refresh token request. Can you verify these are the values within your Postman?

grant_type: refresh_token
refresh_token: [your token]

Authorization: Basic
Contact-Type: application/x-www-form-urlencoded

I took a look at my own Postman and saw that if you use their “Authorizaiton” and select the type as Basic Auth, they have you provide a username and pass in separate fields. Providing your client_id and secret in these fields will not work… I suggest manually creating the header yourself from their Headers tab. Create the key as “Authorization” and the value as “Basic [base64 encoded client_id:client_secret]”

Regarding the authorization value… ensure you are first combining your client_id and client_secret with a colon between the two, and then base64 encoding that whole string. Lastly, append the encoded string onto the end of “Basic " (space between Basic and encoded stuff”. The word Basic and space should not have been encoded.

I hope this helps get you back in action!


Hi, I have already tried both, still same result. Please see upload image.


It would be great if Keap team could identify the issue when using Postman; since it is such a common Dev tool.

I ended up writing nodejs test app and made successful call with Refresh token.

Thanks for your help.

The only time I’ve seen that happen is when I or something has already used the refresh token. It expires after it’s used by anyone/anything. At that time, a new SET of access and refresh tokens are provided.

1 Like

I’m getting the same issue when Requesting for Access Token. I used the same redirect url from auth code request.

Is this a common issue when using Postman?
@JustinGourley @John_Borelli

Update: Confirmed issue is isolated in Postman as requesting of access token works using a third party app script.