Issue
I have included the 'extended' scope while generating the authorization URI for oauth code grant flow, but while refreshing the access token, in the response I am getting the scope as 'signature'. How to get the refresh token with extended scope when refreshing the access token. I have attached my code to get the access token from refresh token.
auth_string = "{0}:{1}".format(
DOCUSIGN_CLIENT_ID, DOCUSIGN_CLIENT_SECRET
)
auth_encoded_hash = b64encode(auth_string.encode("utf-8"))
auth_header = auth_encoded_hash.decode("utf-8")
url = "https://account-d.docusign.com/oauth/token"
headers = {
"Authorization": "Basic {0}".format(auth_header),
"Content-Type": "application/x-www-form-urlencoded",
}
body = {"grant_type": "refresh_token", "refresh_token": refresh_token}
_response = requests.post(url, data=body, headers=headers)
response = _response.json() # here I am getting scope as 'signature'
My second follow up question on this, if the refresh token itself get expires while refreshing the access token what would be the error message I will be getting in the response above?
Solution
The refresh operation request does not include scopes. The refresh operation response may include the scopes that were previously requested.
Here is the refresh operation:
curl --location --request POST 'https://account-d.docusign.com/oauth/token' \
--header 'Authorization: Basic 'NWYxZTg4…………...TJkOGI2Yg==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'refresh_token=eyJ0eX…………...Dp_hA' \
--data-urlencode 'grant_type=refresh_token'
If the refresh operation succeeds, then the response contains a new access token and a new refresh token.
Next, throw away the old refresh token and use the newly received refresh token until the next time.
In other words:
- the first refresh API call uses the refresh token returned by the Authorization Code grant flow
- then each subsequent refresh API call uses the refresh token returned by the prior refresh API call
Blog post about using refresh tokens
Answered By - Larry K Answer Checked By - Willingham (PHPFixing Volunteer)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.