question

lowerym97 avatar image
lowerym97 asked John Wang answered

OAuth for multiple accounts with in one application

Having some trouble with Oauth and refresh token.

Currently we have about 10 different ring central accounts with anywhere from 1-10 lines being accessed.  we were just using a new Oauth each time we make a call (this works but is not a very good practice)

we added into our database an Oauth token. refresh token and expire (since we get 3600 per token before needing to refresh)

the issue we are running into which is unexpected.  when we request a new token. the previous token gives me an error of "Access token corrupted" , While the last requested line to get a token has a valid one.
topic-default
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

anton-nikitin avatar image
anton-nikitin answered
What platform/programming language are you using? This issue can be related to HTTP cookie processing.
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

lowerym97 avatar image
lowerym97 answered
Currently using Ruby 1.9.3   Rails 2.3.18
Linux OS: Amazon linux
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

anton-nikitin avatar image
anton-nikitin answered
OK, can you turn off cookies (if you support them) and try again?

In other words, you should not pass "Cookie" header in requests to API server, even if response contains "Set-Cookie" header.

We have backend issue about cookie processing which will be solved later in October.
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

lowerym97 avatar image
lowerym97 answered
Seems i needed to switch to making a Curl call instead of a RestClient call to avoid the cookie issue

By chance could someone post the results of an expired refresh_token? 
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

anton-nikitin avatar image
anton-nikitin answered
Result of a regular API call with expired access token will look like:

HTTP/1.1 401 Unauthorized Server: nginx/1.6.3
Date: Mon, 14 Sep 2015 07:57:22 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 171
Connection: keep-alive
outingKey: SJC01P01PAS01
WWW-Authenticate: Bearer realm="RingCentral REST API", error="invalid_token"
Content-Language: en
{
  "errorCode" : "TokenExpired",
  "message" : "Access token expired",
  "errors" : [ {
    "errorCode" : "OAU-128",
    "message" : "Access token expired"
  } ]
}
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

John Wang avatar image
John Wang answered
For Ruby, you can try using the community Ruby SDK available here:
This uses Intridea OAuth2 to manage authorization and Faraday for making API calls.
1 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.