Hi all,
I'm having an issue getting/refreshing my access token with Sage. The issue is that when I run my code I get the following error: Error getting access token: 403 - Forbidden. I know that 403 errors are usually linked to a lack of permissions, but what baffles me is getting refreshing my access token works completely fine in my postman. I've been using these two guides(https://developer.sage.com/200c/guides/authentication/, gb-kb.sage.com/.../viewsolution.jsp to help me but I still can't figure out the reason I'm getting the error. Can someone tell me if I've missed any steps or point me in the direction of something that could help?
Here is a copy of my code:
public class AccessTokenRefresh {
private static final String CLIENT_ID = 'xxxxxClientIDxxxxxxxxx';
private static final String CLIENT_SECRET = 'xxxxxxxxClientSecretxxxxxxxxxxxxxxxxxxx';
private static final String REFRESH_TOKEN = 'xxxxxxxxxRefreshTokenFromPostman';
public static String refreshAccessToken() {
Http http = new Http();
HttpRequest request = new HttpRequest();
request.setMethod('POST');
request.setHeader('Content-Type', 'application/x-www-form-urlencoded');
String clientCredentials = CLIENT_ID + ':' + CLIENT_SECRET;
String encodedCredentials = EncodingUtil.base64Encode(Blob.valueOf(clientCredentials));
request.setHeader('Authorization', 'Basic ' + encodedCredentials);
String requestBody = 'grant_type=refresh_token&refresh_token=' + REFRESH_TOKEN;
request.setBody(requestBody);
HttpResponse response = http.send(request);
String responseBody = response.getBody();
System.debug('response body: ' + responseBody);
Map<String, Object> responseMap = (Map<String, Object>) JSON.deserializeUntyped(responseBody);
String accessToken = (String) responseMap.get('access_token');
System.debug('Access token: ' + accessToken);
return accessToken;
}
public static String getAccessToken() {
HttpRequest req = new HttpRequest();
Http http = new Http();
HttpResponse res;
String clientId = 'xxxxMyClientIdxxxx';
String clientSecret = 'xxxxxxMyClientSecret';
String authorization = EncodingUtil.base64Encode(Blob.valueOf(clientId + ':' + clientSecret));
req.setEndpoint(endpoint);
req.setMethod('POST');
req.setHeader('Content-Type', 'application/x-www-form-urlencoded');
req.setHeader('Authorization', 'Basic ' + authorization);
req.setHeader('User-Agent', 'PostmanRuntime/7.31.3');
req.setHeader('Accept', '*/*');
req.setHeader('Cache-Control', 'no-cache');
req.setHeader('Host', 'id.sage.com');
req.setHeader('Accept-Encoding', 'gzip, deflate, br');
req.setHeader('Connection', 'keep-alive');
String requestBody = 'grant_type=authorization_code&code=[Authcode]&redirect_uri=' + EncodingUtil.urlEncode(redirectUri, 'UTF-8');
req.setBody(requestBody);
try {
res = http.send(req);
System.debug('Response: ' + res);
} catch(System.CalloutException e) {
System.debug('Callout error: ' + e);
return null;
}
if (res.getStatusCode() == 200) {
Map<String, Object> responseMap = (Map<String, Object>) JSON.deserializeUntyped(res.getBody());
return (String) responseMap.get('access_token');
} else {
System.debug('Error getting access token: ' + res.getStatusCode() + ' - ' + res.getStatus());
return null;
}
}
}
