Skip to main content

I have some Python code that has successfully been making API calls for months (to specifically start a Workflow). It suddenly stopped working the week before last. When I went to investigate, the code that gets me an access token has suddenly stopped working, returning the normal error of {'error': 'invalid_grant', 'error_description': 'Grant credentials are invalid'}

My question is, is there some kind yearly “account refresh” I need to do? Or is there a backend token I am not aware of that needs a refresh? I did check and my client secret, client id, and service account id are all correct. 

Here is a simplified version of the code. 

def get_access_token(client_id_var, client_secret_var, service_account_id):
#This URL gets us our access token
# Define the URL
url = "https://api.box.com/oauth2/token"

# Define the request parameters
payload = {
"client_id": client_id_var,
"client_secret": client_secret_var,
"grant_type": "client_credentials",
"box_subject_type": "user",
"box_subject_id": service_account_id}

# Define headers
headers = {
"content-type": "application/x-www-form-urlencoded"
}

# Send POST request
#This sends all of the above information to box and in return it gives us our access token.
response = requests.post(url, data=payload, headers=headers)
response_json = response.json()
print(response.json())
access_token = response_jsons'access_token']
return(access_token)


def create_header(client_id_var, client_secret_var, service_account_id):
access_token = get_access_token(client_id_var, client_secret_var, service_account_id)
headers = {
'Authorization': f'Bearer {access_token}',
'Box-Client-Id': client_id_var,
'Box-Client-Secret': client_secret_var}
print("Sucesfully Got the Access Token and Created the Header")
return(headers)


And then I’d use the header to make the API Calls. Again, this worked successfully for months and I checked and my client id, secret, and account id have not changed.

Hi @user169 👋 To resolve the issue with API call suddenly not working due to an "invalid_grant" error, you can try the following steps:

1. **Check Token Expiry**: Check if the access token has expired. If it has, request a new one.

2. **Refresh Token**: See if there is a refresh token available to get a new access token without re-authenticating.

3. **Verify Credentials**: Double-check that your client ID, client secret, and service account ID are correct.

4. **Review API Permissions**: Make sure the necessary permissions for your application or service account are still valid and have not been revoked or modified.

5. **API Endpoint Changes**: Check if there have been any updates or changes to the API endpoint URL or parameters that may affect how you obtain an access token.

6. **Error Handling**: Implement proper error handling in your code to capture and handle different types of errors gracefully, providing more detailed information in case of failures.

By following these steps and potentially refreshing your access token as needed, you should be able to address the issue with your API calls no longer working as expected due to an "invalid_grant" error.


Reply