This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Invalid Refresh Token

Posted on 03-23-2016 05:09 AM
Feroz_Mahammad
New Member
Reply posted on --/--/---- --:-- AM

Getting an error "Invalid Refresh Token" while refreshing a token.

Here is my XML:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="RefreshAccessToken">
    <DisplayName>RefreshAccessToken</DisplayName>
    <ClientId>request.queryparam.client_id</ClientId>
    <GrantType>request.queryparam.grant_type</GrantType> 
    <ExternalAuthorization>false</ExternalAuthorization>     
    <Operation>RefreshAccessToken</Operation>     
    <GenerateResponse enabled="true"/>
</OAuthV2>

Here is my POST request:

http://<my_org>/<base_path>/<resource_path>?grant_type=refresh_token&refresh_token=<refresh_token>; with basic authorization enabled.

Solved Solved
1 3 1,101
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
adevegowda
Staff
Reply posted on --/--/---- --:-- AM

Dear @Mahammad Feroz,

1. Please verify that you are passing the right refresh token

2. You need to inform Edge where you are passing the refresh token using the below tag

<RefreshToken>request.queryparam.refreshtoken</RefreshToken>

By default, it will take refresh token is passed as form parameter. You can read more details about this here.

Regards,

Amar

View solution in original post

Jump to Solution
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
adevegowda
Staff
Reply posted on --/--/---- --:-- AM

Dear @Mahammad Feroz,

1. Please verify that you are passing the right refresh token

2. You need to inform Edge where you are passing the refresh token using the below tag

<RefreshToken>request.queryparam.refreshtoken</RefreshToken>

By default, it will take refresh token is passed as form parameter. You can read more details about this here.

Regards,

Amar

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
gaurav_bhandari
New Member
In response to adevegowda
Reply posted on --/--/---- --:-- AM

@Mahammad Feroz

Amar has rightly pointed out about the RefershToken tag which is missing.

Adding one more important point. A refresh token can be used to generate the access token only once. So in case if you are using the same refresh token to generate new access token then the validation will fail.

You can use the below tag in this policy for generating more than one access token for the same refresh token. But the cache here is that if you configure this tag and keep on generating access token from the same refresh token, then the previous access token are invalid and only recent generated access token will work.

<ReuseRefreshToken>true</ReuseRefreshToken>

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Feroz_Mahammad
New Member
In response to adevegowda
Reply posted on --/--/---- --:-- AM

Thank you @AMAR DEVEGOWDA and @gbhandari. It worked I am able to generate the refresh token now.

Jump to Solution
0 Likes