Access Tokens returned after refresh_token call are invalid

guyrbissonguyrbisson Member Posts: 10

We have an integration that has been working without issue for a couple of years now. On May 10, 2021 this changed and our integration hasn't worked since.

As part of our token management strategy, we've been posting to the https://cloud.lightspeedapp.com/oauth/access_token.php endpoint . During the post, we pass in the following parameters:

const params = {

client_id,

client_secret,

grant_type: 'refresh_token',

refresh_token

}

const response = await this.queryLightspeedRetailApi('POST', hostUrl, params, headers);

The response status is 200 and we receive what appears to be a valid token.

However, all subsequent API requests which use the new access_token fail with response 401|Unauthorized.

I've reviewed the API documentation looking for any new changes we may have missed, as well as scanning the forum, before submitting this for discussion. #OAUTH #RefreshNotWorking

1 comment

  • guyrbissonguyrbisson Member Posts: 10

    We needed to account for two baseUrls - one for authentication, the other for the api calls. We set our API baseUrl to https://api.lightspeedapp.com and corrected our error.

    This issue is resolved.

Sign In or Register to comment.