Wrong Accounts API response for Live credentials while Sandbox works fine


(Manoj Goel) #1

We are getting problem while we fetch accountUrl using live credentials… same code works fine with sandbox credentials… but returns a wrong response with production credentials

{ status: 200,
headers: 
Headers {
_headers: 
{ date: [Object],
'content-type': [Object],
'content-length': [Object],
connection: [Object],
'set-cookie': [Object],
'x-request-id': [Object],
server: [Object],
'cf-ray': [Object] } },
body: { _links: { events: [Object], 'webhook-subscriptions': [Object] } } }

above response is received when we use client_id and client_secret for production…

whereas… while using sandbox crdentials… it includes account information in response as shown below:
can you suggest what is possibly wrong here?

This is the response received with sandbox credentials:

{ status: 200,
headers: 
Headers {
_headers: 
{ date: [Object],
'content-type': [Object],
'content-length': [Object],
connection: [Object],
'set-cookie': [Object],
'x-request-id': [Object],
server: [Object],
'cf-ray': [Object] } },
body: 
{ _links: 
{ account: [Object],
events: [Object],
'webhook-subscriptions': [Object],
customers: [Object] } } }

Not sure why just changing to live the response changes… and due to this reason we can’t process any payments because using accountUrl we need to fetch the fundingSource to be used for actual mass-pay request.

Please help!

If it may help, please find enclosed Node.js source code:

function payUsingDwolla() {
    console.log("[Dwolla] Inside payUsingDwolla...");


    ///////////////////////////////////
    // Initialize Dwolla
    //////////////////////////////////
    //
    var dwollaClient = new dwolla.Client({
      key: 'client_id',
      secret: 'client_secret',
      environment: 'production'
    });
    
    dwollaClient.auth.client()
    .then(function(appToken) {
      console.log(appToken);
      console.log("Dwolla Client Authorization Obtained... appToken: " + JSON.stringify(appToken));
      dwollaAccountToken = appToken;
      console.log("appToken.client: " + appToken.client);
      console.log("appToken.access_token: " + appToken.access_token);

      console.log ("Obtaining funding source...");
      
      var accountUrl;
      var fundingSource;
      appToken
      .get('/')
      .then(res => {
        console.log ("Dwolla account information retrieved...");
        console.log(res);
        accountUrl = res.body._links.account.href;
        console.log ("accountUrl: " + accountUrl);

        appToken
          .get(`${accountUrl}/funding-sources`)
          .then(res => {
            console.log ("Funding source retrieved.");
            console.log (res.body._embedded['funding-sources'][0]);
            fundingSource = res.body._embedded['funding-sources'][0]._links.self.href
            console.log ("Preparing request body...");
            
            ///////////////////////////////////
            // Prepare Request Body
            ///////////////////////////////////
            //
            var requestBody = {
              "_links": {
                "source": {
                  "href": fundingSource
                }
              },
              "items":list_of_user,
              "metadata": {
                "batchId": getRandomString()
              },
              "correlationId": getRandomString() + "-" + getRandomString() + "-" + getRandomString() + "-" + getRandomString()  
            };
    
            console.log (JSON.stringify(requestBody));
    
            ///////////////////////////////////
            //Create dwolla payout here..
            //////////
            // Begin: Create Dwolla Payout
            ///////////////////////////////////
            //
    
            console.log ("Creating dwolla payout..." );
            appToken
            .post('mass-payments', requestBody)
            .then(res => {
              console.log ("[dwolla] Mass payment response received.");
              console.log (res);
              console.log ( "res.headers.get('location'): " + res.headers.get('location'));
            }
            ); 
            console.log ("Created dwolla payout..." );
            //
            /////////
            // End: Create Dwolla Payout
            ///////////////////////////////////
          }); 
      }).then( () => {
        return appToken.get('webhook-subscriptions');
      }).then(function(res) {
        console.log("Subscriptions Obtained...");
        console.log(JSON.stringify(res.body));
        //console.log("access_token: " + res.body.client.access_token);
        //dwollaAccountToken = new dwollaClient.Token({access_token: res.body.client.access_token});
      });
    })
    console.log("[Dwolla] Leaving payUsingDwolla...");    
  }

(Spencer Hunter) #2

@goelmk, What access token are you using to call the API?

Regarding the access token needed to initiate payouts. You’ll need an account access token for your own account which will be calling the Dwolla API to initiate the payout. A few different options for obtaining an account access token. 1) Use the token generator which can be found on your created application at https://www.dwolla.com/applications. or 2) implement the OAuth flow and authenticate using your own account: https://developers.dwolla.com/guides/auth/authorization-code-flow.html


(Dave Agius) #3

How can we let you know what token we are using? Can I give you the last five characters?


(Dave Agius) #4

Also, we are using Transfer and not Access.

We are using the correct key and secret.


(Spencer Hunter) #5

@Dave_Agius, I can tell by the code provided in the previous reply that you’re fetching an app token. You’ll want to take a look at the readme for more information on how to instantiate a generated account access token. https://github.com/Dwolla/dwolla-v2-node#account-tokens


(Manoj Goel) #6

Hi Spencer,

Won’t the following code fetch the access token?

dwollaClient.auth.client()
    .then(function(appToken) {
      console.log(appToken);
      console.log("Dwolla Client Authorization Obtained... appToken: " + JSON.stringify(appToken));
      dwollaAccountToken = appToken;
      console.log("appToken.client: " + appToken.client);
      console.log("appToken.access_token: " + appToken.access_token);

Also, we’re trying to understand how come the same code works for Sandbox and not for Production? We can successfully process mass payments using same code, then why is it failing just for changing Client_Id and Client_Secret to production?

Please clarify.


(Spencer Hunter) #7

In the Sandbox each application is automatically created with a private scope enabled called ManageCustomers. The reasoning it’s enabled by default is to give developers the opportunity to develop against our Access API without needing to first be in a contract with Dwolla.

For Access API partners, you’re allowed to use an application access token for facilitating all calls in the API. This is primarily because Access API is white label by design and the main interaction is server-to-server.

In order to process payouts from an Account (any Transfer account) you need authorization from the account which is obtained via 3-legged OAuth. We do simplify this process by allowing you to generate an access token and refresh token pair at https://www.dwolla.com/applications. Once generated, you’ll simply store the token set and call the API periodically (passing in your refresh token) to refresh authorization on the account.


(Manoj Goel) #8

As we don’t have a white-lable account yet, shall we be able to process payments using Access API?


(Spencer Hunter) #9

@goelmk, You can get started with leveraging our pay as you go Transfer solution. You can then payout to email addresses as you mentioned previously. When you payout to an email address the user will be sent an email from Dwolla and be prompted to create a lightweight account in order to receive their funds.