Welcome to the Kinde community.

Machine Api Access Token granted once but not again

I am using Next.js, and I make a request like the one below:

Plain Text
const token = await fetch(`https://app.kinde.com/oauth2/token`, {
    method: "POST",
    headers: {
      "content-type": "application/x-www-form-urlencoded",
    },
    body: new URLSearchParams({
      audience: `https://wayakumqms.kinde.com/api`,
      grant_type: "client_credentials",
      client_id: "redacted",
      client_secret: KINDE_CLIENT_SECRET!,
    }),
  })

  const tokenData = await token.json();

  console.log("tokenData", tokenData.access_token);


And I get the correct access_token

I then eventually make a request to Google and get a URL for Google Drive auth. I redirect to it and come back to my app with a session ID.

I then, in a different route, run the same request as above to get an access_token again

so that I can get a token from Google Drive with the session ID.

However, I get the following error:

Plain Text
tokenData undefined
tokenData undefined
Error getting token: {
  errors: [
    {
      code: 'INVALID_CREDENTIALS',
      message: 'Invalid credentials used to access API'
    }
  ]
}
 POST /api/connected-apps-token 403 in 1333ms
Error getting token: {
  errors: [
    {
      code: 'INVALID_CREDENTIALS',
      message: 'Invalid credentials used to access API'
    }
  ]
}


Not sure why it didn't work the second time and did the first. I was under the assumption that this machine API access token shouldn't be stored but called when needed.
4 comments
I get this for the response

Plain Text
token Response {
  status: 401,
  statusText: 'Unauthorized',
  headers: Headers {
    date: 'Mon, 09 Sep 2024 14:32:29 GMT',
    'content-type': 'text/plain; charset=utf-8',
    'content-length': '174',
    connection: 'keep-alive',
    vary: 'Origin'
  },
  body: ReadableStream { locked: false, state: 'readable', supportsBYOB: true },
  bodyUsed: false,
  ok: false,
  redirected: false,
  type: 'basic',
  url: 'https://redacted.kinde.com/oauth2/token'
}
I figured this out; this can be closed.
Hey, do you mind sharing how you resolved your issue, please?
Oh yes, I had to implement storage of the access token in my DB with an expiry date and check for the expiry date: if it is expired, run the request again; if it is not expired, use the same access token. Hope that helps. @IkiTg07
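The fix described in the last comment (keep the machine-to-machine token with its expiry and request a new one only once it has expired), as an added example that is not part of the thread or Kinde's own code. `createTokenCache`, `requestKindeToken`, the `store` interface and the 60-second skew are hypothetical names and choices; it assumes the token response carries the standard OAuth 2.0 `expires_in` field, and the in-memory `Map` stands in for the database the commenter used.

```javascript
// Added example: createTokenCache, requestKindeToken and store are hypothetical names.
const SKEW_MS = 60_000; // treat the token as expired one minute early

// The client_credentials request from the question, plus a status check.
async function requestKindeToken({ domain, audience, clientId, clientSecret }) {
  const res = await fetch(`https://${domain}/oauth2/token`, {
    method: "POST",
    headers: { "content-type": "application/x-www-form-urlencoded" },
    body: new URLSearchParams({
      audience,
      grant_type: "client_credentials",
      client_id: clientId,
      client_secret: clientSecret,
    }),
  });
  // A 401 body has no access_token; fail here instead of passing `undefined` on.
  if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
  return res.json(); // assumed shape: { access_token, expires_in, ... }
}

function createTokenCache(config, opts = {}) {
  const { requestToken = requestKindeToken, store = new Map(), now = Date.now } = opts;
  const key = `${config.clientId}|${config.audience}`;
  let inFlight = null; // shared promise so concurrent routes trigger one request

  return async function getToken() {
    const cached = await store.get(key); // works for a Map or an async DB wrapper
    if (cached && cached.expiresAt - SKEW_MS > now()) return cached.accessToken;
    if (!inFlight) {
      inFlight = (async () => {
        const data = await requestToken(config);
        if (!data.access_token || !Number.isFinite(data.expires_in)) {
          throw new Error("token response missing access_token or expires_in");
        }
        const expiresAt = now() + data.expires_in * 1000;
        await store.set(key, { accessToken: data.access_token, expiresAt });
        return data.access_token;
      })().finally(() => { inFlight = null; });
    }
    return inFlight;
  };
}
```

Create one `getToken` per client/audience pair at module scope and call it from every route; a persistent `store` should be treated as a secret store, since it holds a bearer token.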