CODEWITHSUNDEEP
phplaraveldocusignapirefresh-token
Odda Kussa
Odda Kussa

Reputation: 31

How to get access token using refresh token in DocuSign and PHP?

I want to update my access token using the previous refresh token in DocuSign? I am getting

{
    "error": "invalid_grant",
    "error_description": "unsupported_grant_type"
}

Below is how I made the request.

$client_id = env('DOCUSIGN_CLIENT_ID');
        $client_secret = env('DOCUSIGN_CLIENT_SECRET');

        $encoded_client_id = utf8_decode(base64_encode($client_id));
        $encoded_client_secret = utf8_decode(base64_encode($client_secret));

        $integrator_and_secret_key = "Basic " . "{$encoded_client_id}:{$encoded_client_secret}";
        // $integrator_and_secret_key = "Basic " . utf8_decode(base64_encode("{$client_id}:{$client_secret}"));

        $ch = curl_init();

        curl_setopt($ch, CURLOPT_URL, 'https://account-d.docusign.com/oauth/token');
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        $data = array(
            'refresh_token' => "My refresh token from previous successful request",
            'grant_type' => 'refresh_token',
        );
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);

        $headers = array();
        $headers[] = "Authorization: Basic " . "{$encoded_client_id}:{$encoded_client_secret}";
        $headers[] = 'Content-Type: application/x-www-form-urlencoded';
        $headers[] = 'Cache-Control: no-cache';
        
        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

        $result = curl_exec($ch);
        if (curl_errno($ch)) {
            echo 'Error:' . curl_error($ch);
        }
        Log::info($result);

Upvotes: 0

Views: 366

Answers (2)

Odda Kussa
Odda Kussa

Reputation: 31

For those who stuck on this issue: The solution was just to change the content-type from application/x-www-form-urlencoded to application/json

Upvotes: 0

Inbar Gazit
Inbar Gazit

Reputation: 14015

So, not confident that's the only issue, but the way you encode the clientId and clientSecret is different, you encode each part separately, instead of the whole thing with the colon.

https://www.docusign.com/blog/developers/authorization-code-grant-refresh-tokens shows that it's done like this:

string codeAuth = (clientId ?? "") + ":" + (clientSecret ?? "");
byte[] codeAuthBytes = Encoding.UTF8.GetBytes(codeAuth);
string codeAuthBase64 = Convert.ToBase64String(codeAuthBytes);

Note that the string that's encoded already had them combined, not each of them encoded separately.

Now, the error can also be because the Integration Key (IK or clientID) is not configured correctly, you use a bad refreshToken, it expired, you use the wrong environment (developer vs. production) and maybe a couple more reasons I forgot. Need to triple check all the values to ensure this if still not working.

Upvotes: 1

Related Questions