InfusionSoft legacy xml-rpc API access token expiring frequently

Sohail_Iqbal · May 3, 2017, 4:02am

I am working with the leagacy xml-rpc API of InfusionSoft to just update a few contact details of a contact like email and opt-out reason etc.

I am using google apps script to achieve that as the data with contact-id is available there as a list. Though, it is part of a larger project where these contacts are being retrieved from other sources.

I often see that I get a response 401 (Not Authorized) message in response to the requests being made. It requires regenerating the access token to get those requests through.

Is there any way, to have never-expiring token or some maximum time limit for that? as the client needs to regenerate token often to get that data updated.

The script needs to run daily for all new contacts available on the list, and no other direct user activity is involved.

I am sharing the sample code, retrieving contact details and that works fine when new token is generated the same day.

function infusionTry()
{
  var KEY = APIKEY;
  var INF_TOKEN = ACCESS_TOKEN;
  var url = "https://api.infusionsoft.com/crm/xmlrpc/v1?access_token=" + INF_TOKEN;
  var payload = HtmlService.createTemplateFromFile("ReqData").getRawContent();
  payload = payload.replace("{privateKey}",KEY);
  payload = payload.replace("{contactIDNumber}",666486);
  var params = {
    method: "post",
    contentType : "application/xml",
    payload : payload,    
    muteHttpExceptions: true
  };
  var resp = UrlFetchApp.fetch(url, params);
  Logger.log(resp.getResponseCode());
  Logger.log(resp.getContentText());
}

Thanks.

John_Borelli · May 3, 2017, 2:05pm

@Sohail_Iqbal,

The access token is only good for 24 hours. When you get it there is also a refresh token provided with it. You must, prior to the access token expiring, use the refresh token to get a NEW SET of access/refresh tokens. The old access token will then be invalid and the new access and refresh tokens must be the ones to use. Most developers are using a backend database with a job service like CRON to manage this more transparently.

Sohail_Iqbal · May 3, 2017, 6:11pm

Thanks @John_Borelli,

I can’t seem to find the refresh token being offered by infusionsoft on their developer site. The client has sent me the attached snapshot where only key and secret (token) is shown but no refresh token. Is it offered at some other place? or I have to use the oauth flow where client is required to login to infusionsoft?

Please keep in mind, I am talking about the legacy API.

John_Borelli · May 3, 2017, 6:23pm

You don’t find it there. When you get your access token a refresh token is also returned with it.

Topic		Replies	Views
REST API Connection API Q&A	38	5491	September 24, 2018
API token expiring date issues API Q&A api	2	470	July 9, 2020
API call errors ( PHP SDK, OAuth, REST and Xml-RPC API) API Q&A	1	565	December 21, 2020
Is there legitimately not a programmatic way to acquire accessToken and refreshToken? API Q&A	1	717	November 24, 2017
Cannot retrieve my Access Token API Q&A	19	4376	April 19, 2018

InfusionSoft legacy xml-rpc API access token expiring frequently

Related topics