Invalid client (401) when refreshing token

Ankush_Thakur · June 3, 2017, 7:41am

Hello, I’m trying to refresh my API token using a PHP Laravel setup and am running into some problems. I’ve tried a lot of times, but I keep getting the invalid client (401) error. Now, I’ve made double-sure that the values stored in DB and env file are correct, but am likely not using something correctly.

How I began the process was by obtaining the access code through browser and then sending a CURL POST request from the registered domain’s command line. Once I have the access_token and refresh_token, I’m storing it in DB through seeder (this is a one time process), and then have a Cron job that goes:

$infs = InfsToken::find(1);

//if last updated + timeout > current time, update
$last_refresh_time = Carbon::parse($infs->updated_at)->addSeconds($infs->refresh_timeout);

if(Carbon::now() > $last_refresh_time) {
    $url = env('INFS_API_BASE_URL') . '/token';
    $auth_string = env('INFS_CLIENT_ID') . ':' . env('INFS_CLIENT_SECRET');
    $auth_string = 'Basic' . base64_encode($auth_string);

    $client = new \GuzzleHttp\Client();

    $requestBody = [
        'grant_type' => 'refresh_token',
        'refresh_token' => $infs->refresh_token,
    ];

    $response = $client->request('POST', $url, [
        'headers' => [
            'Authorization' => $auth_string
        ],
        'form_params' => $requestBody
    ]);

    $responseBody = $response->getBody();

    $infs->access_token = $responseBody['access_token'];
    $infs->refresh_token = $responseBody['refresh_token'];

    $infs->save();

    Log::info('Got new token:' . $infs->access_token);
}

Please do help me as I’m feeling lost. Feel free to ask any questions or request more info. Thanks in advance!

John_Borelli · June 3, 2017, 8:19am

You need to call ->refreshAccessToken using the refresh token and then store the resulting new set of tokens for later.

https://developer.infusionsoft.com/docs/xml-rpc/#authentication-refresh-an-access-token

Ankush_Thakur · June 3, 2017, 8:33am

Hello, again! I’m actually using the REST API, and don’t want to use the PHP SDK. Is there an example somewhere where interaction via plain PHP code is given?

Another question: What should the headers look like when making REST calls? This isn’t specified in the REST documentation, except for the case of refresh token. If I can find that out, I might be able to dig around on my own. Use case: I want to send a CURL GET requests for /contacts from the command line.

Ankush_Thakur · June 3, 2017, 8:36am

I realized I had forgotten the very important part of sending the request in the code I pasted! I’ve updated it.

Ankush_Thakur · June 3, 2017, 8:44am

Well, thankfully, I was able to figure out the CURL part myself. I just had to do:

curl -G --data "access_token=my_access_token" https://api.infusionsoft.com/crm/rest/v1/appointments?limit=10. I can live with this for now, but would really like to see what went wrong when trying to refresh my token.

John_Borelli · June 3, 2017, 9:21am

REST refresh token docs are here:

https://developer.infusionsoft.com/docs/rest/#!/Authentication/permission_0_1

Ankush_Thakur · June 5, 2017, 8:02pm

Hmm, that doesn’t really help. Let me close this question and open a new one where I try to refresh a token from the command line.

Topic		Replies	Views
Invalid Client on Refresh Token API Q&A	1	1120	April 14, 2019
Invalid client when trying to refresh token from command line API Q&A	10	2716	June 6, 2017
Error on refreshing access token API Q&A	2	1217	May 1, 2018
401 Unauthorized error when trying to refresh access token API Q&A api , rest , php , http-post	1	1338	September 13, 2018
Api Key Refresh API Q&A	7	3609	October 4, 2017

Invalid client (401) when refreshing token

Related topics