Access Token Revoked Error

comfort · 3 January 2022 14:03

Hi there,

I’m trying to make some Stuart API requests and I keep getting an error:

message: “The access token was revoked”
error: “INVALID_GRANT”

I’m not sure what’s causing this problem, and so I’m unable to do anything with Stuart at the moment.
Kindly help.

Harold · 3 January 2022 14:56

The access token has a 30 days duration, so it must be renewed when it expires.
You can find all the information you need here.

Notice that our client libraries already take into account our authentication process. We strongly recommend to use one of them and open a pull request if it is missing anything, we will be reactive to any of your PR.

comfort · 3 January 2022 18:29

Thank you @Harold,
I’ll let you know if I encounter any problems

comfort · 4 January 2022 12:32

Hello again @Harold,

I just tried to renew my access token by following the given instructions, but I’m still getting an error. When I send a post request to https://api.sandbox.stuart.com/oauth/token, with all the required info in the body i.e client_id, client_secret, grant_type and api; I get this error:

{
    "error": "invalid_client",
    "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."
}

Could you please assist me with this.

Harold · 4 January 2022 13:45

Hello @comfort,

I think the error comes from the fact that the parameters should not be sent in the body, but in the header, as shown in the documentation:

curl --location --request POST 'https://api.sandbox.stuart.com/oauth/token' \
--data-urlencode 'client_id=[your_oauth_client_id]' \
--data-urlencode 'client_secret=[your_oauth_client_secret]' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=api'

Could you try again this way please?
Thanks in advance,

comfort · 4 January 2022 15:06

Hi @Harold,

I just tried placing them in the header, and I’m still getting the same error.

Would creating a new account help?

Harold · 4 January 2022 15:43

Hi,
Could you check that you are targeting the correct environment:
For sandbox:

you have access to the sandbox dashboard, and you are using the credentials found here.
you are targeting the sandbox environment (https://api.sandbox.stuart.com/oauth/token) with these credentials.

For production:

you have access to the production dashboard, and you are using the credentials found here.
you are targeting the production environment (https://api.stuart.com/oauth/token) with these credentials.

If it is still not working, can you please give me the email address you are using?
Could you also give me an example of the request you are sending (without the client_id and client_secret) ?

Thanks in advance,

comfort · 4 January 2022 17:59

Hi @Harold,

It finally worked. Turns out I was using production credentials for sandbox testing.

Thanks very much for the help!

Harold · 5 January 2022 08:11

Happy to help!

Have a nice day!