Jump to content



Recommended Posts

Hi Andrew,

Thank you for your question.

What makes you believe the refresh_token has expired before 31 days please?

The token is invalid for one of three reasons:

1 - It has expired
2 - The user has revoked access
3 - The refresh token has been used before

In the majority of cases, it is generally reason three that is the cause, especially with apps using async calls to refresh the token. The scenario would usually be:

The connected app sends a request to exchange the current request token for a new set of tokens in an async call, during the exchange another request from the user is made, you detect that the current access token is expired and then send a second request to exchange the refresh token that is still being processed in the original request.

What are you doing to ensure this cannot occur? For example, if the tokens are stored in a DB table do you lock the table until the request has finished executing?



Link to comment
Share on other sites

  • 2 months later...

Why i am not getting my access token . I am setting up sage account to access Sage APi's.  I have followed  all steps as suggested in developer Guide. When click on Generate token button from Postman will redirected to sage login page and I have entered correct email & password , it is saying wrong email or password.


Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...