https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/630026#M662 <P>I tried it again today, and it worked.&nbsp; Must have been a critter in a circuitboard somewhere <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 06 Mar 2020 09:06:27 GMT AllanBowe 2020-03-06T09:06:27Z https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/629849#M660 <P>I'm running the following code as part of the <A href="https://github.com/macropeople/macrocore/blob/master/viya/mv_registerclient.sas" target="_self">mv_registerclient</A> macro for creating web services as described <A href="https://sasjs.io/quickstart/services/#viya" target="_self">here</A>.</P> <P>&nbsp;</P> <DIV> <DIV> <PRE><CODE class=" language-sas">proc http method='POST' in="grant_type=refresh_token&amp;refresh_token=&amp;REFRESH_TOKEN" out=&amp;FILEREF url='localhost/SASLogon/oauth/token' WEBUSERNAME="&amp;CLIENT_ID" WEBPASSWORD="&amp;CLIENT_SECRET" AUTH_BASIC; headers "Accept"="application/json" "Content-Type"="application/x-www-form-urlencoded"; run;</CODE></PRE> </DIV> </DIV> <P>This code has <STRONG>worked perfectly</STRONG>&nbsp;for at least 6 months, in a number of different Viya environments.&nbsp; However today it threw:</P> <P>&nbsp;</P> <PRE>{"error":"invalid_token","error_description":"Invalid token (approvals expired)"}</PRE> <P>&nbsp;</P> <P><SPAN>I generate a new client_id and client_secret every time I run the code, as I'm mainly doing demos or working with fresh installs.&nbsp; What could be the issue?</SPAN></P> <P>&nbsp;</P> Fri, 05 Jun 2020 00:31:47 GMT https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/629849#M660 AllanBowe 2020-06-05T00:31:47Z https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/629854#M661 <P>Hi Allan /&nbsp;<a href="https://communities.sas.com/t5/user/viewprofilepage/user-id/28909">@AllanBowe</a>&nbsp;</P> <P>&nbsp;</P> <P>Interesting. As you might know, the token in an OAuth2 kind of token, therefore, it can be printed as JSON . Have you tried that?</P> <P>&nbsp;</P> <P>Reason for me asking is because it is relatively common and well known:&nbsp;<A href="https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/" target="_blank">https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/</A></P> <P>This can help you to get better control on token expiration mechanics.</P> <P>&nbsp;</P> <P>The other possibility that comes to my mind is that there is a deeper issue in that system, which could invalidate tokens unexpectedly. For this is harder to provide guidance, as it could be given by time zone change, time change, updates (OS and/or SAS), etc.</P> <P>&nbsp;</P> <P>Nonetheless, curl is your friend <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> As thumb rule: "Take things out of SAS, validate, then bring them back to SAS". Remove variables from the equation, then look at the logs.</P> Thu, 05 Mar 2020 16:05:52 GMT https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/629854#M661 JuanS_OCS 2020-03-05T16:05:52Z https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/630026#M662 <P>I tried it again today, and it worked.&nbsp; Must have been a critter in a circuitboard somewhere <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 06 Mar 2020 09:06:27 GMT https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/630026#M662 AllanBowe 2020-03-06T09:06:27Z https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/630028#M663 <P>Oh, the story of our life <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>&nbsp;</P> <P>Great to hear!</P> <P>&nbsp;</P> <P>You did well, not feeding him after midnight</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="0cf3776569094b5c73316999deec80a9" style="width: 400px;"><img src="https://communities.sas.com/t5/image/serverpage/image-id/36634i8B2C268A4D288414/image-size/medium?v=v2&amp;px=400" role="button" title="0cf3776569094b5c73316999deec80a9" alt="0cf3776569094b5c73316999deec80a9" /></span></P> <P>&nbsp;</P> Fri, 06 Mar 2020 09:16:39 GMT https://communities.sas.com/t5/Developers/SASLogon-oauth-token-Invalid-token-approvals-expired/m-p/630028#M663 JuanS_OCS 2020-03-06T09:16:39Z