Invalid access token without reason (Solved)

SaphirAngel · October 24, 2019, 10:53am

Hi,

We have a strange problem with access token.
We use oauth2 for add activities in our curstomer pipedrive Account.
When access token is expired, we use the refresh token to have a new access token.
But, sometimes, the access tokens generated are not valid while the refresh token looks valid.

The API always returns this error, no matter how many times you try to generate the access token :
{
“success”: false,
“error”: “Invalid token: access token is invalid”,
“errorCode”: 401
}

Do you know where the bug may be ?

Thanks for responses,
Regards,
Rémi

David · September 27, 2019, 1:16pm

Hi @SaphirAngel

Have you seen any pattern for when the access_token is invalid?

Louis-Michel_Mathurin · October 1, 2019, 8:13pm

Got the same problem here. If we call the the same entry point multiple time in a row, one will fail with the 401 error even if the access token have not expired.

Best regards,

SaphirAngel · October 1, 2019, 9:14pm

Hi DavidLorbiecke,

Not pattern in particular.
But activities are created in response to telecom events. This events can be a lot.
So, maybe relation with Louis-Michel_Mathurin response but the customers who have the problem are not the ones who make the most calls to the API.

And most importantly, why new tokens are always invalid while the refresh token is valid.

Thanks for responses,
Regards,
Rémi

JustCall_Tech · October 6, 2019, 5:29pm

Exactly same situation is happening with us as well. Even though we get new acces_tokens from refresh_tokens, they are considered invalid by PD APIs.

David · October 7, 2019, 7:53am

Sorry for the wait, our team is investigating. Trying to get a resolution as the cause of this.

JustCall_Tech · October 7, 2019, 4:20pm

Does Pipedrive allows us to have multiple access tokens from the same refresh token? As far as we can tell, there can be only one access token corresponding to one refresh token in Pipedrive.

danielpicon · October 9, 2019, 7:46am

To answer this specific question, for the time being we only allow one access token corresponding to a refresh token. Feel free to share the use case so I can share with our product folks.

danielpicon · October 9, 2019, 7:49am

Can you share the following:

userID/companyID/time of request where you got an error. Ideally it would be one company&user that consistently has these problems, so we could add more logging. Otherwise, if they are random ones, it’s more difficult to debug

JustCall_Tech · October 9, 2019, 9:44am

Company ID - 591653
Pipedrive User ID - 4544079
Time: 9:43 am
Wednesday, 9 October 2019 UTC
We tried refreshing tokens, we got a new access token, but that was called invalid and expired.

Though refresh token still gives us a new access token

JustCall_Tech · October 9, 2019, 9:51am

We are seeing this spread across multiple PD teams, is there a way we can arrange a call with your engineering team. We have logs that support these erros that we are receiving from your end.

JustCall_Tech · October 9, 2019, 11:59am

Company ID - 1104259
Pipedrive User Id - 1104259
UTC time - 11:58 am
Wednesday, 9 October 2019 UTC

Refresh token allows us to generate a new access token. When we make API calls via this new access token it says the access token is invalid.

danielpicon · October 10, 2019, 3:09pm

Can you please share with us the following when there’s another failure:
• what is the exact URL you are making a request to with an access token
• access token that failed
• timestamp of the request

JustCall_Tech · October 15, 2019, 9:41am

Company ID - 4711194
PD User ID - 9375333

Have DM you the details @danielpicon

David · October 21, 2019, 12:03pm

Can you try this User again? I believe the user was deactivated at the time, but is active now.

David · October 23, 2019, 9:14am