question

iamaadim5 avatar image
iamaadim5 asked bestchatgptapps answered

Expiring OAuth returning Unauthorized status with message: Failed to validate auth code.

I am trying to get new access_token, refresh_token in OAuth2.0 and keep getting.

data: {
                 
      status: 'Unauthorized',
      message: 'Failed to validate authentication code.'
    }


I am doing this.


const oauth_request_headers = {
    Authorization: "Client " + client_secret,
    Accept: "application/json",
    "Content-Type": "application/json",
  };

const baseUrl = "https://apisandbox.dev.clover.com";
const option = {
                        
    method: "POST",      
    url: `${
                  baseUrl}/oauth/v2/token`,      
    headers: oauth_request_headers, ## Same result with or without header as well.       
    data: JSON.stringify({
                          ## Same result whether or not I stringify or not.
             client_id: client_id,        
             client_secret: client_secret,        
             code: code,      
          }),    
    };
const cloverResponse = await axios.request(option);


Is it something that I am doing wrong?? I am using sandbox environment.

REST APISandboxOAuthAPI Tokenaccess token
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

vikramgaru avatar image
vikramgaru answered

This might be because you don't have the alternate launch path setup correctly. I will suggest setting up the alternate launch path as described in our docs and then trying again.

Alternate Launch Path.png


10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

leandremmartineau avatar image
leandremmartineau answered leandremmartineau edited

I had the same problem.

For me, I used /oauth/token instead of /oauth/v2/token and I finally got a successful response.

Yet, I am not 100% sure this is the way to go as /oauth/token is the url mentioned in the Europe/Latin America docs at the time of writing. But the Canada/US one, really mention using /oauth/v2/token, which was the one I was expected of using, as my merchant is in Canada. Maybe the documentation is simply wrong for Canada/US?


The obtained token worked for this endpoint :

GET https://scl-sandbox.dev.clover.com/pakms/apikey

But not any of the other ecommerce ones such as :

POST https://scl-sandbox.dev.clover.com/v1/customers

Still trying to figure out if it is related to the OAuth token itself or something else I missed, so you might give it a try.

---- EDIT

If it helps, I never got the oauth2 token to work for e-commerce endpoints.

I finally got it to work by sending an E-commerce API key as the Bearer token instead of going trough the OAuth, which works for my use-case.

I did not found it in the documentation tough, it is really written that going trough OAuth is the way to go for using E-commerce API.

The only documentation I found that mention E-commerce API keys is the one for the Magento (or Woocommerce) E-commerce plugin : https://docs.clover.com/docs/setting-up-an-api-token.

I used 'API' as the integration type and now, I can now make successful calls to the API with it.



10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

submatic avatar image
submatic answered

@vikramgaru setting the alternate launch path did not help for me. It seems like the left pane logged in oauth 2 workflow does not work. It works if the user is logged out of Clover and initiates the request from the third party app.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

submatic avatar image
submatic answered

Now it seems like there is a new error happening with the OAuth2 workflow (I'm using the sandbox only currently). When I inspect via the console I see a 500 internal server error on the following POST request https://sandbox.dev.clover.com/v2/merchant/[[merchant_id]]/apps/install/[[client_id]]

Hopefully this is resolved soon. Thanks

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Satish avatar image
Satish answered

@vikramgaru Adding alternate launch path URL seems to have fixed the problem (at least in sandbox for now). But isn't the alt launch path supposed to be optional ?

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

lilluunk avatar image
lilluunk answered

The learning process can be much more manageable when you have a reliable assistant to help with various writing tasks, for example. I've found such a service professional essay writer that handles my assignments without charging a lot. You can see here that this service is affordable and effective, so I believe it's worth considering. That's what I did, and I recommend others do the same.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

bestchatgptapps avatar image
bestchatgptapps answered bestchatgptapps edited

Looking for the best chat GPT apps? AICHATSY tops the list! It’s super smart and can do lots of cool stuff like chatting, summarizing articles, and recognizing images. Plus, it’s available on both iPhone and Android. So if you want the best chat buddy on your phone, AICHATSY is the way to go!

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community