Skip to main content
Question

[Auth] Refresh token is added as url query parameter

  • October 23, 2024
  • 1 reply
  • 30 views

Hi all, we’re facing the issue that we want to do the auth with Cognito, in code mode we have:

 

const options = {
  url: 'https://auth.hauzd.app/oauth2/token',
  method: 'POST',
  headers: {
    'content-type': 'application/x-www-form-urlencoded'
  },
  body: {
    'client_id': 'x',
    'grant_type': 'refresh_token',
    'refresh_token': bundle.authData.refresh_token
  },
  removeMissingValuesFrom: {
    'body': false,
    'params': false
  },
}

return z.request(options)
  .then((response) => {
    if (response.id_token) {
      return response.id_token
    }

    return false
  });

 

but it adds the refresh_token as query parameter, which causes a “invalid_grant” error.

It is a “Session auth”. We tried also “Api Key Auth” but it is the same… There is no way to avoid refresh_token to be put as query parameter.

Basically the issue is that the refresh_token should not be sent as query param but there is no way to remove it from there.

 

Please help. Thanks in advance!

Regards,

Gonzalo.

Did this topic help you find an answer to your question?

1 reply

MiguelC.
  • Zapier Staff
  • 9 replies
  • November 29, 2024

Hi there, ​@Hauzd

Thank you for your question: Miguel here from the Zapier Support team - Happy to lend a hand here!

It seems that you’re developing your own private app using our Developer Platform. If that’s the case, I’d suggest you raise a ticket through this page - https://developer.zapier.com/contact - as our team will be able to help you.

Hope this helps!