Question

Building Private Service Fusion App - Authentication Expires

  • 2 May 2023
  • 1 reply
  • 76 views

I’m trying to build a private Zapier app using the Service Fusion API documentation. I’m having trouble with Authentication. I can get it to authenticate, but it always expires.

 

I’ve tried using the refresh token in Form mode and in Code mode as well, but it doesn’t ever seem to work inside of the Zapier app. It’ll be fine the first use, but then the auth expires.

 

Here’s the Access Token Request code we’re using:

const options = {
url: 'https://api.servicefusion.com/oauth/access_token',
method: 'POST',
headers: {
'content-type': 'application/json'
},
params: {

},
body: {
'grant_type': 'authorization_code',
'client_id': process.env.CLIENT_ID,
'client_secret': process.env.CLIENT_SECRET,
'code': bundle.inputData.code,
'redirect_uri': bundle.inputData.redirect_uri
}
}

return z.request(options)
.then((response) => {
response.throwForStatus();
const results = response.json;

// You can do any parsing you need for results here before returning them

return results;
});

Here’s the Refresh Token Request code we’re using:

const options = {
url: 'https://api.servicefusion.com/oauth/access_token',
method: 'POST',
headers: {
'content-type': 'application/json'
},
params: {

},
body: {
'grant_type': 'refresh_token',
'refresh_token': bundle.authData.refresh_token
}
}

return z.request(options)
.then((response) => {
response.throwForStatus();
const results = response.json;

// You can do any parsing you need for results here before returning them

z.console.log(bundle.authData)
return results;
});

 

Does anyone with Service Fusion experience have any advice?


1 reply

Userlevel 7
Badge +8

Hi @TimF99 

 

I might be terribly wrong, but shouldn't the Access Token Request Code be actually in the “Authorization URL” part? the code where you say “Here’s the Access Token Request code we’re using:” looks like it belongs in the Authorization URL portion of building your integration. 

 

For the Access Token, the grant_type is client_credentials, not authorization-code. It also doesn't have “code” or “redirect_uri” in the headers. 

 

Hopefully this helps. 

Reply