OAuth for multiple accounts with in one application

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Having some trouble with Oauth and refresh token.

Currently we have about 10 different ring central accounts with anywhere from 1-10 lines being accessed.  we were just using a new Oauth each time we make a call (this works but is not a very good practice)

we added into our database an Oauth token. refresh token and expire (since we get 3600 per token before needing to refresh)

the issue we are running into which is unexpected.  when we request a new token. the previous token gives me an error of "Access token corrupted" , While the last requested line to get a token has a valid one.
Photo of lowerym

lowerym

  • 152 Points 100 badge 2x thumb

Posted 3 years ago

  • 1
Photo of Anton Nikitin

Anton Nikitin, Official Rep

  • 2,894 Points 2k badge 2x thumb
What platform/programming language are you using? This issue can be related to HTTP cookie processing.
Photo of lowerym

lowerym

  • 152 Points 100 badge 2x thumb
Currently using Ruby 1.9.3   Rails 2.3.18
Linux OS: Amazon linux
Photo of Anton Nikitin

Anton Nikitin, Official Rep

  • 2,894 Points 2k badge 2x thumb
OK, can you turn off cookies (if you support them) and try again?

In other words, you should not pass "Cookie" header in requests to API server, even if response contains "Set-Cookie" header.

We have backend issue about cookie processing which will be solved later in October.
(Edited)
Photo of lowerym

lowerym

  • 152 Points 100 badge 2x thumb
Seems i needed to switch to making a Curl call instead of a RestClient call to avoid the cookie issue

By chance could someone post the results of an expired refresh_token? 
Photo of Anton Nikitin

Anton Nikitin, Official Rep

  • 2,894 Points 2k badge 2x thumb
Result of a regular API call with expired access token will look like:

HTTP/1.1 401 Unauthorized
Server: nginx/1.6.3
Date: Mon, 14 Sep 2015 07:57:22 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 171
Connection: keep-alive
outingKey: SJC01P01PAS01
WWW-Authenticate: Bearer realm="RingCentral REST API", error="invalid_token"
Content-Language: en
{
  "errorCode" : "TokenExpired",
  "message" : "Access token expired",
  "errors" : [ {
    "errorCode" : "OAU-128",
    "message" : "Access token expired"
  } ]
}
(Edited)
Photo of John Wang

John Wang, Official Rep

  • 5,476 Points 5k badge 2x thumb
For Ruby, you can try using the community Ruby SDK available here:
This uses Intridea OAuth2 to manage authorization and Faraday for making API calls.
(Edited)