question

anandchakru avatar image
anandchakru asked jonnolen commented

How to refresh an access_token?

If an access_token is expired, during offline access,

  1. What is the error returned while making an api call with an expired access_token?
  2. How to refresh the access_token?
OAuth
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

Mark Mullan avatar image
Mark Mullan answered jonnolen commented

Hi,

Expired access_tokens will return a 401 Unauthorized and a new one can be generated by following our OAuth protocol.

Specifically, by making a GET request to https://sandbox.dev.clover.com/oauth/token?client_id={appId}&client_secret={appSecret}&code={codeUrlParam}

3 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

the OAuth protocol says the following: If a merchant visits your website and the request does not contain a code , redirect them to https://www.clover.com/oauth/authorize

I don't have a code, as I'm accessing offline - (eg: on a webhook event) and at this point I don't have the merchant to redirect them to and get the new code (and eventually get the new access_token

Can I persist the code which I get first time and use it while refreshing the access_token?

0 Likes 0 ·

Are there any news on this? I'm in a much similar position and would like to know either how could this be obtained or if there is a specific duration for the access token so I know when it will expire.

0 Likes 0 ·

+1 looking for an answer to this. it appears that you cannot re-use an authorization code in the future.

0 Likes 0 ·

Welcome to the
Clover Developer Community