We’re developing an integration with Zapier, and while most of the OAuth v2 works well, the refresh flow is not working for us. It seems that Zapier instead of polling our triggers in every 15 minutes, and after it gets a 401 calling into the refresh endpoint, it is calling the /validate endpoint for our OAuth platform, which gives back 400 so the refresh flow never happens.
Does anyone know when, where, why calls Zapier into the /validate endpoint?
Can we alter Zapier’s behaviour to only call into the auth endpoint then the token endpoint, get an access token, call our service with that token over and over until it gets a 401 from our service, then call into the refresh token endpoint on our oauth platform?
My team does not own the oauth platform, so I doubt modifying the /validate behavior to give back 401 is a valid route for us.
I’m wondering if this might be as a result of a redirect in your implementation? Calling a `/validate’ endpoint isn’t a Zapier built-in behavior, and I don’t see it referenced anywhere in your integration explicitly (I had a peek). You might explore logs or source on your side to see how/if that might be happening. I’d be curious to see if you called your Refresh Token Request from Postman or curl exactly as configured in your integration, what the behavior would be.
As you have a public integration and this might be affecting users’ experience (I’m assuming this is the production version we’re talking about), feel free to email email@example.com where we can have a look at logs and work with you to isolate the source of the issue.