Javed IN

Reputation: 332

Get invalid_grant error when attempting to refresh a token

I am developing a Node.js application which uses the Outlook REST API to fetch mails. I am using this API.

I am trying to refresh the token using the following request. I am using the request npm package to call the API.

{
    url: 'https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token',
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    formData:
    {
        scope: 'offline_access User.Read Mail.Read',
        client_id: 'c251b61b-c6db-4f64-89bd-7009444d1bc8',
        grant_type: 'refresh_token',
        redirect_uri: 'http://localhost:3000/myurl',
        refresh_token: 'refresh-token',
        client_secret: 'cli-secret'
    }
}

but I am getting the following error:

{
  "error": "invalid_grant",
  "error_description": "AADSTS9002313: Invalid request. Request is malformed or  invalid.745ec0500",
  "correlation_id": "a2d87f11-0671-41f1-a5e7-654f1796c3d1"
}

I have also tried adding Content-Length to the headers, and appending all variables into a string using & and = and sending that in the body, but I got the same error. I am getting an access token successfully.

Upvotes: 2

Views: 4702

Answers (2)

Md Farid Uddin Kiron

Reputation: 22523

As far as I know, you are trying to get the refresh token in the wrong way.

As the error said, you are trying with an incorrect grant_type.

As per the document you referenced, the grant_type should be authorization_code. Once you get your code, you need to use it to obtain the access token and refresh token.

When your access token expires, you have to use the refresh token to get a new access token, as the document explains.

In that case, try the response_type=code format.

Request For Code: [screenshot]

Get Code In Postman Console: [screenshot]

Request For Access And Refresh Token With Code: [screenshot]

Get Access And Refresh Token By Code: [screenshot]

Get Refresh Token When Access Token Expired: [screenshot]

Note: This is exactly how you get the authorization code, how to use this code to get an access token along with a refresh token, and finally how to renew the token with the refresh token when the access token has expired!

Upvotes: 3

Bharvi Manvar

Reputation: 49

When you generate the access token the first time, you also get the refresh token. You have to store that token somewhere; you can store it in a database or a txt file.

$post_params_refresh = array(
    "grant_type" => "refresh_token",
    "client_id" => 'ReplaceYourClientId',
    "refresh_token" => 'ReplaceYourOldRefreshToken',
    "client_secret" => 'ReplaceYourClientSecretKey',
    'scope' => 'https://graph.microsoft.com/User.ReadWrite.All',
);
$refreshTokenUrl = "https://login.windows.net/common/oauth2/v2.0/token";
$curl_refresh = curl_init($refreshTokenUrl);
curl_setopt($curl_refresh, CURLOPT_POST, true);
// http_build_query() URL-encodes the fields; passing the array itself makes cURL send multipart/form-data
curl_setopt($curl_refresh, CURLOPT_POSTFIELDS, http_build_query($post_params_refresh));
// A header line needs its name as well as its value
curl_setopt($curl_refresh, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
curl_setopt($curl_refresh, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
// Keep both TLS checks on: 2 verifies that the certificate matches the host name
curl_setopt($curl_refresh, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl_refresh, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl_refresh, CURLOPT_RETURNTRANSFER, 1);
$response_refresh = curl_exec($curl_refresh);
curl_close($curl_refresh);
// Decode the JSON reply and pick out both tokens
$arrResponseRefresh = json_decode($response_refresh);
$accessToken = $arrResponseRefresh->access_token;
$refreshToken = $arrResponseRefresh->refresh_token;

You get a new refresh token using this curl method; update the old token which you stored previously with this new refresh token.

Upvotes: 1
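
An added example, not part of the question or of either answer: the token endpoint expects an `application/x-www-form-urlencoded` body, while the request package's `formData` option sends `multipart/form-data` (its `form` option sends the urlencoded kind). The sketch below builds the refresh request with `URLSearchParams` and keeps the previous refresh token when the reply does not rotate it; the function names and all tenant, client and token values are constructed placeholders.

```javascript
// Added example. buildRefreshRequest and handleTokenResponse are hypothetical
// helper names; every credential value used with them is a constructed placeholder.
const tokenUrl = (tenant) =>
  `https://login.microsoftonline.com/${encodeURIComponent(tenant)}/oauth2/v2.0/token`;

// Build the refresh request. URLSearchParams produces the urlencoded body and
// percent-encodes characters such as '&' and '=' inside values, which manual
// string concatenation with & and = does not.
function buildRefreshRequest({ tenant, clientId, clientSecret, refreshToken, scope }) {
  const body = new URLSearchParams({
    grant_type: 'refresh_token',
    client_id: clientId,
    client_secret: clientSecret,
    refresh_token: refreshToken,
    scope,
  }).toString();
  return {
    url: tokenUrl(tenant),
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body, // a string body: usable as-is with request's `body` option or with fetch()
  };
}

// Interpret the endpoint's JSON reply without ever logging token values.
function handleTokenResponse(status, jsonText, previousRefreshToken) {
  let data;
  try {
    data = JSON.parse(jsonText);
  } catch (err) {
    return { ok: false, error: 'unparseable_response' };
  }
  if (status !== 200 || data.error) {
    // Surface only the error code and the correlation id for troubleshooting.
    return { ok: false, error: data.error || `http_${status}`, correlationId: data.correlation_id };
  }
  return {
    ok: true,
    accessToken: data.access_token,
    // Store the rotated refresh token when one is returned, else keep the old one.
    refreshToken: data.refresh_token || previousRefreshToken,
    expiresInSeconds: data.expires_in,
  };
}
```

Pass the returned object's `url`, `method`, `headers` and `body` to the HTTP client unchanged, and load the client secret and refresh token from protected storage rather than source code.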
