Requesting access token for Ride request returns 'invalid_grant' error

Question

I want users to request Uber rides from my app, https://developer.uber.com/docs/rides/authentication

Under OAuth 2.0 section at the above URL, there are 6 steps:

1. Authorize (done)
2. Receive redirect (done)
3. Get an access token ('invalid_grant' error)

The following screenshot is from Postman. I tried passing client_id, client_secret, grant_type, redirect_uri and code as parameters, form-data and x-www-form-url-encoded. But every time it returns the same error.

I have put 'http://localhost:3000/auth/uber/callback' as redirect URL in my Uber App dashboard.

I have even tried the following curl command in the terminal, but it returns the same 'invalid_grant' error.

Can someone help me with this issue?

Answer 1

Your Postman request looks correct to me. My best guesses at what's going on:

1. You have multiple redirects set up, and you're using one redirect URL when you do the authorization phase and a different one when you try and do token exchange

2. You're doing authorization for one client_id, and trying to do token exchange for another

3. You're authorization code has already been used / expired. Keep in mind its' only good for one request.

Could you try the following and tell me what happens:

1. Do the authorization flow and pay special attention that the client id and redirect URI you put in your authorization URL are correct

2. After your browser redirects, copy the authorization code out of the redirect URL

3. Put the authorization code into the Postman request / curl statement and make sure that the client id / redirect URI is correct when you do it.

Answer 2

Status Code: 401 Unauthorized

    {
      "error": "invalid_grant"
    }

1. You are using an invalid refresh_token. You can generate multiple access tokens, but you can only use the latest generated refresh_token.

2. You supplied an invalid code when exchanging an authorization code for an access_token.