Failure to obtain the Pipedrive API oAuth token with error 1020 and HTTP status 403

Hello,

I am developing an application for a customer that wants to integrate his application with Pipedrive using the oAuth based API.

I am using a PHP programming component available in the page below that I developed and it is able to access many APIs based on OAuth.

https://www.phpclasses.org/package/7700-PHP-Authorize-and-access-APIs-using-OAuth.html

I am adding support to the Pipedrive API using this PHP component.

So I developed a simple test script with the link that I am passing below. The test script calls the Pipedrive API oAuth server to obtain an API access token.

While trying to obtain the access token by sending an HTTP POST request to https://oauth.pipedrive.com/oauth/token it fails with error 1020 and returns HTTP status code 403.

What can I be doing wrong to give this error?

In this example I replaced the Pipedrive API application client id with cccc and the client secret with ssss.

The application test script is located at: https://www.manuellemos.net/oauth/login_with_pipedrive.php

Below I am passing a log of activity generated by this PHP component that I have developed so you can see the HTTP request activity so you can see more details of what is going on.

Thank you in advance for any clarification.

OAuth client: Checking if OAuth access token was already retrieved from https://oauth.pipedrive.com/oauth/token
OAuth client: A valid access token is not available
OAuth client: Getting the authentication state from URI /oauth/login_with_pipedrive.php
OAuth client: Checking the authentication state
OAuth client: The authentication state value was not passed by the OAuth server.
OAuth client: The authentication state is not valid.
OAuth client: Redirecting to OAuth Dialog https://oauth.pipedrive.com/oauth/authorize?client_id=cccc&redirect_uri=https%3A%2F%2Fwww.manuellemos.net%2Foauth%2Flogin_with_pipedrive.php&state=1651912272-afa00d
OAuth client: Checking if OAuth access token was already retrieved from https://oauth.pipedrive.com/oauth/token
OAuth client: A valid access token is not available
OAuth client: Getting the authentication state from URI /oauth/login_with_pipedrive.php?code=11472835.15188093.7e2179833fece5c4df818e43910a87ffafd8d369&state=1651912272-afa00d
OAuth client: Checking the authentication state
OAuth client: Checking the authentication code
OAuth client: Accessing the OAuth access token at https://oauth.pipedrive.com/oauth/token
Connecting to oauth.pipedrive.com
Resolving HTTP server domain "oauth.pipedrive.com"...
Connecting to HTTP server IP 104.18.188.228 port 443...
Connected to oauth.pipedrive.com
C POST /oauth/token HTTP/1.1
C Host: oauth.pipedrive.com
C User-Agent: PHP-OAuth-API (PHP OAuth Library: Authorize and access APIs using OAuth - PHP Classes $Revision: 1.179 $)
C Accept: */*
C Authorization: Basic [Here I replaced the original value with base64_encode(cccc:ssss)]
C Connection: Keep-Alive
C Content-Type: application/x-www-form-urlencoded
C Content-Length: 175
C
C code=11472835.15188093.7e2179833fece5c4df818e43910a87ffafd8d369&redirect_uri=https%3A%2F%2Fwww.manuellemos.net%2Foauth%2Flogin_with_pipedrive.php&grant_type=authorization_code
S HTTP/1.1 403 Forbidden
S Date: Sat, 07 May 2022 08:31:17 GMT
S Content-Type: text/plain; charset=UTF-8
S Content-Length: 16
S Connection: keep-alive
S X-Frame-Options: SAMEORIGIN
S Referrer-Policy: same-origin
S Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
S Expires: Thu, 01 Jan 1970 00:00:01 GMT
S Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
S Set-Cookie: __cf_bm=c214fXnVbqRVohazuuKSqb3Jfr2Ag8Dm5HLbhnjtwFc-1651912277-0-AY3VLZwBoOTZ64lZVqz+icenlHRDcKMCSqHwR0gv7O0K2FPi/qD0WiDQKQ4z0aXz09DmNLUyQGDYYdYyakRz/qE=; path=/; expires=Sat, 07-May-22 09:01:17 GMT; domain=.pipedrive.com; HttpOnly; Secure; SameSite=None
S Strict-Transport-Security: max-age=31536000; includeSubDomains
S X-Content-Type-Options: nosniff
S Server: cloudflare
S CF-RAY: 7078993628498d52-ATL
S alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
S
S error code: 1020
Keeping the connection alive to oauth.pipedrive.com
OAuth client: Could not retrieve the OAuth access token. Error: it was not possible to access the OAuth access token: it was returned an unexpected response status 403 Response: error code: 1020
OAuth client: Error: it was not possible to access the OAuth access token: it was returned an unexpected response status 403 Response: error code: 1020

Hi @mlemos
Welcome to the community, and thanks for sharing this in detail :slight_smile:
I suspect a couple of things:

  • From the looks of it, the error seems to be originating from Cloudflare (403, 1020 status code is not issued by Pipedrive AFAIK).
  • Another possible reason could be the user-agent header. However, I think it's highly unlikely.

A quick way to validate is to try the same using pipedrive/client-php (the Pipedrive API client for PHP on GitHub) and see if it works or fails.
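Added example, not part of the thread and not code from the PHP component: a Python check that reads the `S`-prefixed lines of a trace like the one in the first post and tells a denial by the Cloudflare edge from an error issued by the OAuth server itself. The function names and the JSON error sample are assumptions, and both sample traces are constructed.

```python
import re

# Constructed from the trace above: the 403 response, trimmed to the headers the check reads.
EDGE_TRACE = """\
C POST /oauth/token HTTP/1.1
S HTTP/1.1 403 Forbidden
S Content-Type: text/plain; charset=UTF-8
S Server: cloudflare
S CF-RAY: 7078993628498d52-ATL
S
S error code: 1020
"""

# Constructed for contrast: an RFC 6749 section 5.2 style error, as an OAuth
# server itself would answer. Not an actual Pipedrive response.
OAUTH_TRACE = """\
S HTTP/1.1 400 Bad Request
S Content-Type: application/json
S
S {"error":"invalid_grant"}
"""

def parse_response(trace):
    """Return (status, headers, body) from the 'S'-prefixed lines of a trace."""
    lines = [ln[1:].strip() for ln in trace.splitlines() if re.match(r"S( |$)", ln)]
    if not lines:
        raise ValueError("trace contains no server lines")
    status = int(lines[0].split()[1])
    headers, body, in_body = {}, [], False
    for ln in lines[1:]:
        if in_body:
            body.append(ln)
        elif ln == "":
            in_body = True          # blank line ends the header block
        elif ":" in ln:
            name, value = ln.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return status, headers, "\n".join(body).strip()

def classify(trace):
    """Name the layer that most likely produced the failed token response."""
    status, headers, body = parse_response(trace)
    ctype = headers.get("content-type", "")
    edge = headers.get("server", "").lower() == "cloudflare" or "cf-ray" in headers
    code = re.fullmatch(r"error code: (\d+)", body)
    if status == 403 and edge and code and not ctype.startswith("application/json"):
        return {"layer": "edge", "code": code.group(1), "ray": headers.get("cf-ray")}
    if ctype.startswith("application/json") and '"error"' in body:
        return {"layer": "oauth", "code": None, "ray": headers.get("cf-ray")}
    return {"layer": "unknown", "code": None, "ray": headers.get("cf-ray")}
```

The `ray` value is the CF-RAY header from the response, which is the identifier to quote when asking the API provider why the request was denied.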

Hello Hem,

Thank you for your reply.

Early this week I realized that the problem was the user-agent, which should have a specific value to emulate the Pipedrive SDK.

I updated my package and now the update is available in this package page:

https://www.phpclasses.org/package/7700-PHP-Authorize-and-access-APIs-using-OAuth.html

Anyway, thank you for your interest in helping.