Invalid code received trying to complete oauth authorization


(Gastón Avila) #1

I’m having trouble getting this part of the SEND-MONEY guide
https://developers.dwolla.com/guides/send-money/01-direct-onboarding.html
The flow works until I try to get the newly created user’s account_id for later doing the transfer. I get the code using requestb.in and then send a
POST https://uat.dwolla.com/oauth/v2/token
with

{
        "client_id": client_id,
        "client_secret": client_secret,
        "code": code,
        "grant_type": "authorization_code",
        "redirect_uri": 'http://requestb.in/103meig1'
}

with the corresponding variables an I get

{u'error_description': u'Invalid code.', u'error': u'access_denied'}

in the response. I’m using UAT and my application has all permissions set to allow.
Any ideas? What am I doing wrong?
Thanks


(Spencer Hunter) #2

Are you setting the code value somewhere further up in your code? Can you verify that you are passing the authorization code you get from request bin into your request body properly?


(Gastón Avila) #3

It worked now, did not change a thing. After the first account I added, it started working. Will come back if it fails again.


(Spencer Hunter) #4

@Gaston_Avila, I believe the expiration time of the authorization code is 60 seconds, so if you don’t POST to the token endpoint within this timeframe then you could get Invalid code. This may not necessarily be what you were running into but I thought I’d mention it just in case.