High Priority: production credentials suddenly invalid

timotheus

All my calls to your API now just give me back:

{"error":"invalid_client","error_description":"The client credentials are invalid"}

I also cannot log into https://cloud.lightspeedapp.com/oauth/update.php with my production credentials. My dev credentials still work. My client key for production is locally.

Please help, this is really bad timing for this to happen on Prime Day.

benhirsch

Just to add some perspective... this client connects hundreds of Lightspeed retailers to our platform. Please help us to reinstate it!

Adrian Samuel

@timotheus @benhirsch, would you be able to private message me your API client ID? Then I can explore

timotheus

I sent you a PM ~30 min ago, just FYI. Many thanks!

Adrian Samuel

Hey @timotheus, thank you for the message. My team is actively investigating the issue and will reach out to you accordingly

timotheus

@Adrian Samuel I responded via PM, new secret is not working. Am getting same error.

benhirsch

Please help us! We have 319 upset store managers (Lightspeed customers) who were connected to our service for many months, and in some cases for years, but our API client has suddenly stopped working without warning. We PMed our client ID and you replied with a new secret but it is not working. This was hours ago and we have not received a reply to our PMs. We still do not know why our credentials stopped working but for the moment we simply want to get our service running again. What can we do?

benhirsch

Our API client is back up and running now. All of the Lightspeed stores were able to restore connectivity as of ~9pm EST last night.

We never received any more PMs on the matter. We were able to make contact with someone at Lightspeed whom we previously worked with a couple years ago. He helped us to determine that our key has been disabled and was able to re-enable it and sent us a new secret. About an hour after the key was re-enabled I received a PM from another support person informing me that the key was re-enabled and that there was a new secret. Unfortunately this broke our newly deployed connection. So we had to re-deploy with the new secret and restart our integration.

We have asked all parties who we communicated with why our key was disabled but have not received any responses.

gregarican

I've found over the years that getting a post-mortem follow up of how or why something failed is difficult. Sorry for your extended downtime. My guess would be someone accidentally disabling the wrong account, a script misfiring, or something akin...