Access and Refresh Token

Thought I would give some clarity on error codes you might get:

When Access token has expired, you’ll get 401 Unauthorized with the following message in body:
    {
        "success": false,
        "error": "Invalid token: access token has expired"
    }

When Refresh token is invalid, you’ll get 400 Bad request with the following message in body:
{
    "success": false,
    "message": "Invalid grant: refresh token is invalid"
}

Hey @David
We are running into an issue which is affecting more than 1200 customers we have with Pipedrive.
Even after generating a new access token from a refresh token successfully, we still get an error that says “Invalid token: access token is invalid”.
Please let me know where I can share more details.
This is a bit urgent and we are loosing the confidence that customers have put in both the products (JustCall and Pipedrive)

Any details on this?

Can you check if you are passing the API token in the query string?

You must not send the OAuth token in the query string like this: https://api-proxy.pipedrive.com/users/me?api_token=OAUTH_TOKEN
This causes our services to try and validate the api_token which obviously is not valid.
When making OAuth requests, you should only send the Authorization header with OAuth token and avoid using the string “api_token” in the URL

If the issue persists please share some details:

what is the exact URL you are making a request to with access token
• access token that failed
• timestamp of the request

We are not passing this as a query param. We can assure you that.

Hello,

Sorry for the delay from my end (I was gone for a week). We were investigating several different aspects of what we thought might be the issue, but it turns out that all of the cases we looked into that were offered these responses were given on companies that were closed or for users that were disabled

If you don’t believe this is the case, please message me more examples.