OAuth2 connection only working for 20 minutes

Hi,

I am very pleased with the OAUTH2 feature of EasyMorph, but there is an annoyning thing with it:

I can make a connection with my application (exact online) and after the initial access token received at the authorisation expires a new access token is acquired and used by Easymorph, but when that access token expires the next refresh request fails with an error: {“error”:“unauthorized_client”,“error_description”:“Old refresh token used.”}. I have to re-authorize to get the connection working again.

Any idea how to fix this or is it a bug ?

Kind regards,

Harm van het Ende

Hi Harm and welcome to the Community!

The OAuth2 connector in EasyMorph has a limited functionality because at this point connectors in EasyMorph are immutable (i.e. read-only). Therefore, the connector only works well with services that don’t expire their refresh tokens at all (e.g. Google), or expire them once in a few months (e.g. Microsoft). If a service expires refresh tokens quickly, as it seems to be the case with Exact Online, the connector won’t be able to update the refresh token stored in the connector settings and therefore will expire and require re-authorization.

All in all, It’s a known issue which will be addressed next year with the introduction of global mutable key-value storage in EasyMorph.

Hi Dmitry,

Thanks for the prompt response. Do you have an estimate timeframe when the global mutable key-value storage will be available ?

It’s currently planned for 2021-Q2.

2 Likes

Hello!

I’m in the same situation, it’s good to know it’s on the roadmap :slight_smile:

Regards,

Roberto

Hi Roberto,

Are you using Exact Online also ?
If that’s the case which redirect url do you use. I am using the postman callback url, but it stopped working with an unauthorized client error message.

Hello Harm,

No, I’m using Salesforce. But you receive the “unauthorized client” error because the token has expired, right?

@dgudkov, while this is in development, is it possible to create OAuth2 + the refresh token procedure through different EasyMorph “Web Requests” actions? So setting the basic OAuth2 procedure first, and when a “session_expired” message is received from the API, then execute a certain set of actions that will obtain the refresh token and will resume the connection.

Thanks,

Roberto

This is technically possible, but it would be very very non-trivial. I would suggest to wait until we have it added to EasyMorph. Meanwhile, you can try using 3rd party services to pull data from Salesforce into Google Drive or Amazon S3, and then using EasyMorph to process it further.

Hello,

I’ve noticed that after a month without accessing a certain API, I don’t have to re-authorize again, the connection is still succeeding. Has something changed since January 2021 in the way you manage Oauth2, so that now I don’t have to re-authorize?

Thanks,

Roberto

We did a few minor improvements, but OAuth tokens are still static and don’t refresh automatically.

Ok. It’s strange because now I don’t have to re-authorize any more in Salesforce (the settings in Salesforce haven’t changed). Can I know what changes you did?

Roberto, those were really small technicalities. Can’t remember what exactly.

Ok, understood. Is the global mutable key-value storage still in the roadmap for 2021-Q2?

Thanks!

Roberto

Hello Roberto,Dmitri,

I just tested my connection to Exact Online. It is still the same as before (as expected).

Kind regards,

Harm van het Ende

Yes, it’s on the roadmap. Probably in July.

1 Like

Hello,

Will this issue be solved with "Shared memory"?

Thanks,

Roberto

Yes, in v5 OAuth refresh tokens will update automatically using a mechanism similar to “Shared memory”. This will resolve the problem with short-living OAuth connections.

By the way, a beta version is already available. Send me a DM if you would like to test OAuth and/or Shared memory.

In version 5.0 OAuth tokens now update/refresh automatically. EasyMorph can now handle connections to cloud apps with OAuth with very short-living tokens.

1 Like