Expiring OAuth returning Unauthorized status with message: Failed to validate auth code.

Question

question

iamaadim5 asked Oct 12, '23 bestchatgptapps answered May 13, '24

Expiring OAuth returning Unauthorized status with message: Failed to validate auth code.

I am trying to get new access_token, refresh_token in OAuth2.0 and keep getting.

data: {
                 
      status: 'Unauthorized',
      message: 'Failed to validate authentication code.'
    }

I am doing this.

const oauth_request_headers = {
    Authorization: "Client " + client_secret,
    Accept: "application/json",
    "Content-Type": "application/json",
  };

const baseUrl = "https://apisandbox.dev.clover.com";
const option = {
                        
    method: "POST",      
    url: `${
                  baseUrl}/oauth/v2/token`,      
    headers: oauth_request_headers, ## Same result with or without header as well.       
    data: JSON.stringify({
                          ## Same result whether or not I stringify or not.
             client_id: client_id,        
             client_secret: client_secret,        
             code: code,      
          }),    
    };
const cloverResponse = await axios.request(option);

Is it something that I am doing wrong?? I am using sandbox environment.

REST API Sandbox OAuth API Token access token

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community

Answer 1 · 2023-10-13T13:57:31Z

vikramgaru answered Oct 13, '23

This might be because you don't have the alternate launch path setup correctly. I will suggest setting up the alternate launch path as described in our docs and then trying again.

Alternate Launch Path.png

alternate-launch-path.png (106.0 KiB)

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 2 · 2023-11-14T18:36:14Z

leandremmartineau answered Nov 14, '23 leandremmartineau edited Nov 17, '23

I had the same problem.

For me, I used /oauth/token instead of /oauth/v2/token and I finally got a successful response.

Yet, I am not 100% sure this is the way to go as /oauth/token is the url mentioned in the Europe/Latin America docs at the time of writing. But the Canada/US one, really mention using /oauth/v2/token, which was the one I was expected of using, as my merchant is in Canada. Maybe the documentation is simply wrong for Canada/US?

The obtained token worked for this endpoint :

GET https://scl-sandbox.dev.clover.com/pakms/apikey

But not any of the other ecommerce ones such as :

POST https://scl-sandbox.dev.clover.com/v1/customers

Still trying to figure out if it is related to the OAuth token itself or something else I missed, so you might give it a try.

---- EDIT

If it helps, I never got the oauth2 token to work for e-commerce endpoints.

I finally got it to work by sending an E-commerce API key as the Bearer token instead of going trough the OAuth, which works for my use-case.

I did not found it in the documentation tough, it is really written that going trough OAuth is the way to go for using E-commerce API.

The only documentation I found that mention E-commerce API keys is the one for the Magento (or Woocommerce) E-commerce plugin : https://docs.clover.com/docs/setting-up-an-api-token.

I used 'API' as the integration type and now, I can now make successful calls to the API with it.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 3 · 2023-12-25T02:09:53Z

submatic answered Dec 25, '23

@vikramgaru setting the alternate launch path did not help for me. It seems like the left pane logged in oauth 2 workflow does not work. It works if the user is logged out of Clover and initiates the request from the third party app.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 4 · 2023-12-25T17:35:32Z

submatic answered Dec 25, '23

Now it seems like there is a new error happening with the OAuth2 workflow (I'm using the sandbox only currently). When I inspect via the console I see a 500 internal server error on the following POST request https://sandbox.dev.clover.com/v2/merchant/[[merchant_id]]/apps/install/[[client_id]]

Hopefully this is resolved soon. Thanks

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 5 · 2024-03-06T03:08:26Z

Satish answered Mar 6, '24

@vikramgaru Adding alternate launch path URL seems to have fixed the problem (at least in sandbox for now). But isn't the alt launch path supposed to be optional ?

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 6 · 2024-05-03T11:14:34Z

lilluunk answered May 3, '24

The learning process can be much more manageable when you have a reliable assistant to help with various writing tasks, for example. I've found such a service professional essay writer that handles my assignments without charging a lot. You can see here that this service is affordable and effective, so I believe it's worth considering. That's what I did, and I recommend others do the same.

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 7 · 2024-05-13T16:48:05Z

bestchatgptapps answered May 13, '24 bestchatgptapps edited May 13, '24

Looking for the best chat GPT apps? AICHATSY tops the list! It’s super smart and can do lots of cool stuff like chatting, summarizing articles, and recognizing images. Plus, it’s available on both iPhone and Android. So if you want the best chat buddy on your phone, AICHATSY is the way to go!

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

question