Expiring OAuth returning Unauthorized status with message: Failed to validate auth code.

Question

question

iamaadim5 asked Oct 12 2023 at 9:22 PM Satish answered Mar 06 2024 at 3:08 AM

Expiring OAuth returning Unauthorized status with message: Failed to validate auth code.

I am trying to get new access_token, refresh_token in OAuth2.0 and keep getting.

data: {
                 
      status: 'Unauthorized',
      message: 'Failed to validate authentication code.'
    }

I am doing this.

const oauth_request_headers = {
    Authorization: "Client " + client_secret,
    Accept: "application/json",
    "Content-Type": "application/json",
  };
 
const baseUrl = "https://apisandbox.dev.clover.com";
const option = {
                        
    method: "POST",      
    url: `${
                  baseUrl}/oauth/v2/token`,      
    headers: oauth_request_headers, ## Same result with or without header as well.       
    data: JSON.stringify({
                          ## Same result whether or not I stringify or not.
             client_id: client_id,        
             client_secret: client_secret,        
             code: code,      
          }),    
    };
const cloverResponse = await axios.request(option);

Is it something that I am doing wrong?? I am using sandbox environment.

REST API Sandbox OAuth API Token access token

HTML Editor

Tab to the formatting toolbar with Alt/Option + F10. If inside toolbar, press ESC to return to editor. Hint: Notify or tag a user in this post by typing @username.

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community

Answer 1 · 2023-10-13T13:57:31Z

vikramgaru answered Oct 13 2023 at 1:57 PM

This might be because you don't have the alternate launch path setup correctly. I will suggest setting up the alternate launch path as described in our docs and then trying again.

Alternate Launch Path.png

alternate-launch-path.png (106.0 KiB)

Answer 2 · 2023-11-14T18:36:14Z

leandremmartineau answered Nov 14 2023 at 6:36 PM leandremmartineau edited Nov 17 2023 at 4:54 PM

I had the same problem.

For me, I used /oauth/token instead of /oauth/v2/token and I finally got a successful response.

Yet, I am not 100% sure this is the way to go as /oauth/token is the url mentioned in the Europe/Latin America docs at the time of writing. But the Canada/US one, really mention using /oauth/v2/token, which was the one I was expected of using, as my merchant is in Canada. Maybe the documentation is simply wrong for Canada/US?

The obtained token worked for this endpoint :

GET https://scl-sandbox.dev.clover.com/pakms/apikey

But not any of the other ecommerce ones such as :

POST https://scl-sandbox.dev.clover.com/v1/customers

Still trying to figure out if it is related to the OAuth token itself or something else I missed, so you might give it a try.

---- EDIT

If it helps, I never got the oauth2 token to work for e-commerce endpoints.

I finally got it to work by sending an E-commerce API key as the Bearer token instead of going trough the OAuth, which works for my use-case.

I did not found it in the documentation tough, it is really written that going trough OAuth is the way to go for using E-commerce API.

The only documentation I found that mention E-commerce API keys is the one for the Magento (or Woocommerce) E-commerce plugin : https://docs.clover.com/docs/setting-up-an-api-token.

I used 'API' as the integration type and now, I can now make successful calls to the API with it.

Answer 3 · 2023-12-25T02:09:53Z

submatic answered Dec 25 2023 at 2:09 AM

@vikramgaru setting the alternate launch path did not help for me. It seems like the left pane logged in oauth 2 workflow does not work. It works if the user is logged out of Clover and initiates the request from the third party app.

Answer 4 · 2023-12-25T17:35:32Z

submatic answered Dec 25 2023 at 5:35 PM

Now it seems like there is a new error happening with the OAuth2 workflow (I'm using the sandbox only currently). When I inspect via the console I see a 500 internal server error on the following POST request https://sandbox.dev.clover.com/v2/merchant/[[merchant_id]]/apps/install/[[client_id]]

Hopefully this is resolved soon. Thanks

Answer 5 · 2024-03-06T03:08:26Z

Satish answered Mar 06 2024 at 3:08 AM

@vikramgaru Adding alternate launch path URL seems to have fixed the problem (at least in sandbox for now). But isn't the alt launch path supposed to be optional ?

question