Invalid client (401) when refreshing token

Hello, I’m trying to refresh my API token using a PHP Laravel setup and am running into some problems. I’ve tried a lot of times, but I keep getting the invalid client (401) error. Now, I’ve made double-sure that the values stored in DB and env file are correct, but am likely not using something correctly.

How I began the process was by obtaining the access code through browser and then sending a CURL POST request from the registered domain’s command line. Once I have the access_token and refresh_token, I’m storing it in DB through seeder (this is a one time process), and then have a Cron job that goes:

$infs = InfsToken::find(1);

//if last updated + timeout > current time, update
$last_refresh_time = Carbon::parse($infs->updated_at)->addSeconds($infs->refresh_timeout);

if(Carbon::now() > $last_refresh_time) {
    $url = env('INFS_API_BASE_URL') . '/token';
    $auth_string = env('INFS_CLIENT_ID') . ':' . env('INFS_CLIENT_SECRET');
    $auth_string = 'Basic' . base64_encode($auth_string);

    $client = new \GuzzleHttp\Client();

    $requestBody = [
        'grant_type' => 'refresh_token',
        'refresh_token' => $infs->refresh_token,

    $response = $client->request('POST', $url, [
        'headers' => [
            'Authorization' => $auth_string
        'form_params' => $requestBody

    $responseBody = $response->getBody();

    $infs->access_token = $responseBody['access_token'];
    $infs->refresh_token = $responseBody['refresh_token'];


    Log::info('Got new token:' . $infs->access_token);

Please do help me as I’m feeling lost. Feel free to ask any questions or request more info. Thanks in advance!

You need to call ->refreshAccessToken using the refresh token and then store the resulting new set of tokens for later.

Hello, again! I’m actually using the REST API, and don’t want to use the PHP SDK. Is there an example somewhere where interaction via plain PHP code is given?

Another question: What should the headers look like when making REST calls? This isn’t specified in the REST documentation, except for the case of refresh token. If I can find that out, I might be able to dig around on my own. Use case: I want to send a CURL GET requests for /contacts from the command line.

I realized I had forgotten the very important part of sending the request in the code I pasted! I’ve updated it.

Well, thankfully, I was able to figure out the CURL part myself. I just had to do:

curl -G --data "access_token=my_access_token" I can live with this for now, but would really like to see what went wrong when trying to refresh my token.

REST refresh token docs are here:!/Authentication/permission_0_1

Hmm, that doesn’t really help. Let me close this question and open a new one where I try to refresh a token from the command line.