question

wohntrends-shop avatar image
0 Likes"
wohntrends-shop asked ·

Suddenly getting invalid_grant for refresh_token in production

We have been using the OAuth refresh_token stuff for a few months. Then we noticed our packages are not confirmed to Ebay automatically. Since it's a busy time we didn't have time to immediately dig into the log files. After checking them we noticed the error and realized the last token refresh was around Sep. 13th since the last token saved in the json config file we generated was having a expiration date on that day. Now our first guess was: oh damn, did we screw up? Did the token expire earlier then expected? New token generated, etc.. No change. Then we made the test and switched to sandbox... and of surprisingly refresh token there is working, so we assume the code is fine. What the hell could we be missing? Was there a change in Ebay which is only reflected on the production site and ignored on the sandbox? We are not actually using a redirect URL, since the only account we log in with is our own. So all we do is copy and paste the refresh token from the URL, URL decode them using Notepad++ and paste them into the JSON file. On the JSON file sandbox and production is the difference between getting the index 0 and 1. There is code side no known difference. We are using the ebay-sdk-php to access the API. Original reply is: {"error":"invalid_grant","error_description":"the provided authorization refresh token is invalid or was issued to another client"} PS: Creating an auth code in production using the dev side and using this token does work as login, but we really don't have the time to update the token every few hours by hand...
productioninvalid tokenrefresh token rest api
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

custom-mac603 avatar image
0 Likes"
custom-mac603 answered ·
This may be way too late, but the reason that you can not refresh a token when is because your access token has been invalided by updating the password. You have to go through the whole entire oAuth flow again to get a new access token. Then you will be able to refresh the token until that the access token expires or you invalidate it again by changing a password.
·
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

wohntrends-shop avatar image
0 Likes"
wohntrends-shop answered ·
We now realize the original refresh token expired, because we changed the password for the Ebay seller account. But still we wonder why we are unable to get a new working refresh token. We even tried to rotate the CertID without finding a solution. We also tried to replace auth.ebay.com with auth.ebay.de in the URL to retrieve the new refresh token, without any change. We seem to be missing something here, but we really cannot find anything else we could change.
·
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.