Getting error while authorizing app with OAuth

soujanya · November 4, 2020, 1:59pm

I’m trying to install the app using OAuth and I’m receiving the below error
TokenError: Client authentication failed.
at OAuth2Strategy.parseErrorResponse
at OAuth2Strategy._createOAuthError

Can you let me know why I’m getting this type of error? This is happening in both local as well as a custom app.
Below is my oauth_config.json
{
“client_id”: “0d518115-6f6f-40fe-8085-a7c6047204a0”,
“client_secret”: “Sb24I33BpNDiNoe79wlTgA==”,
“authorize_url”: “https://api.getgo.com/oauth/v2/authorize”,
“token_url”: “https://api.getgo.com/oauth/v2/token”,
“token_type”: “account”
}

In the client_secret I have some special characters like +,=,/ etc will those impact to authorize the app? The same procedure is working fine in postman.

-Soujanya.

Raghu_Murugesan · November 5, 2020, 6:55pm

Hi @soujanya,

Special characters in secret should not affect the authorization

From the goto oAuth documentation - link, it is stated that we need to be sending an Authorization header to obtain the access token.

To achieve this, we can leverage the options field in config/oauth_config.json. OAuth

Reference below,

Let us know if you are still facing this issue after trying with the auth header.

soujanya · November 6, 2020, 6:27am

Hi @Raghu_Murugesan,

This worked fine while installing and when accessing the access token it is giving me the below error
response: "{“int_err_code”:“InvalidToken”,“msg”:“Invalid token passed”}"
and in the GoToAssist documentation its mentioned like IMPORTANT: The access token and refresh token values are truncated. They are large values. will this effect while using API calls?
Below are the headers I used for making API calls

 var headers = {
      "Authorization": "Bearer <%= access_token %>",
      "Content-Type": "application/x-www-form-urlencoded",
      "Accept": "application/json"
 };

-Soujanya.

Raghu_Murugesan · November 6, 2020, 2:34pm

Thanks for the update @soujanya.

Sample values present in the GoTo documentation are representational purposes and the platform doesn’t receive or use the truncated value.

And regarding Invalid token error, can you share the app id to debug further - How to obtain App ID from the Developer Portal?

soujanya · November 6, 2020, 3:50pm

Sure Raghu here is the app id https://www.freshdev.io/custom_apps/33459-fs-gotoassist/edit.
-Soujanya.

Raghu_Murugesan · November 6, 2020, 5:59pm

Hi @soujanya,

Seems like isOAuth: true is missed in the options sent to post-call. Can you check if that resolves the issue?

soujanya · November 9, 2020, 4:51am

Hi @Raghu_Murugesan,
This is my first OAuth app so I missed some major points and thank you for your quick assistance without hesitating
-Soujanya.