question

$$anonymous$$ avatar image
0 Likes"
$$anonymous$$ Suspended asked

Newly retrieved Authorization oauth2 Token is expired?

I'm retrieving a authorization token (either via our application, or via the 'test sign-in' method), and this works well. In both cases, I am returned a token that starts with `v%5E1.1%23i%5E1%23I%5E3`, so this is so far so good. Now, if I want to exchange this token for a user token (and refresh token), I am returned the following: `{"error":"invalid_grant","error_description":"code passed is expired","error_uri":null}` This problem occurs at the **Production** server. (Just to clarify, there is about *5-10 seconds* between retrieving the authorization code, and wanting to exchange it for refresh/user tokens. And it has been working for months, but today it doesn't feel like it wants to)
tokenoauth2expired token
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

$$anonymous$$ avatar image
0 Likes"
$$anonymous$$ Suspended answered
@catherine_developersupport after some playing around, we found out that the library we used, encoded the token. So instead of `v^1.1#i^1#I^3` being encoded to `v%5E1.1%23i%5E1%23I%5E3`, it was encoded *another* time, resulting in a weird code. `v%255E1.1%2523i%255E1%2523I%255E3` The API shows a flawed error message, though. It's an invalid token, not an expired one.
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

catherine_developersupport avatar image
0 Likes"
catherine_developersupport answered
@etiennbruine_0 I am going to refer to this [KB article][1]. The Authorization code you generate from step 1 is a 1 time use code that last about 5 minutes. If you had used this code before or if you are going to step 2 after 5 minute, it gives you an error that "code passed is expired". Please follow the steps carefully (there are a few times where you need to encode / decode) [1]: https://ebaydts.com/eBayKBDetails?KBid=5075
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

$$anonymous$$ avatar image
0 Likes"
$$anonymous$$ Suspended answered
@catherine_developersupport thank you for your consideration. The code has never been used before, and was issued about 5 *seconds* before making the API request.
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.