Hi, i had a previous topic opened on the same argument, no reply on that for like 40 days…

here the original problem…

Problems with access and refresh token lenght

Good morning,
I tried to create a new api and a new application, but when I go to make the calls to get access token and refresh token this comes back very short, and when I go to use it to access the api it is not considered and I access is rejected.
What could be the cause of the shortened length of these tokens and their failure?

To get the token I make a “GET” call like this
tenant/authorize?Audience=[audience]&scope=offline_access&response_type=code&client_id=[client_id]&redirect_uri=[redirect_uri]

after this call i recive a code like SN2Xs5Oe4a5JKuYD

After i recived the code i make a “POST” call like this

tenant/oauth/token
in the headers i send “Content-Type: application/x-www-form-urlencoded”
in the body i send
grant_type:authorization_code
client_id:[client_id]
client_secret:[client_secret]
code:SN2Xs5Oe4a5JKuYD
redirect_uri:[redirect_uri]

the response i recive is like

{
“access_token”: “dkqNzZvVP4NhCVmf1bFMRtIPyImsU3If”,
“refresh_token”: “KieNhLjKtYh9vjSJu524iZT7dbpje2bvxm_aYxDjrCvYF”,
“scope”: “offline_access”,
“expires_in”: 86400,
“token_type”: “Bearer”
}

I used to got a way longer access and refresh token in the test i did several month ago and that worked perfectly.

Thanks
Andrea

Hello @sw11,

Looks like you are getting an opaque token. This typically happens when you do not specify an audience parameter when calling the /authorize endpoint.

What value are you passing for your audience? Also, in your example above, audience is capitalized. I’m not sure if that matters.

Hello @markd ,
You were right, the error was caused by the “Audience” parameter which was supposed to be “audience” with the letter “a” small.

You solved my broblem.
Thanks a lot

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.