1

Seems no matter what I do, requesting a token I always get the Authorization code is invalid. response. I have tried this both in Ruby code and via Curl.

curl -X POST https://partner.api.beatsmusic.com/oauth2/token -d client_secret=SECRET -d client_id=MYID -d redirect_uri=http://foo.example.com/auth/beats_oauth2 -d code=rjmsqtgntc5k6s8jhdawpu4c

results in: 

{"code":"InvalidCredentials","message":"Authorization code is invalid."}

Same results for the RoR code.

any suggestions would be great as I have been working on this for a few days!

thanks! Gary

Uwe L. Korn
  • 8,080
  • 1
  • 30
  • 42
Gary Pinkham
  • 43
  • 4

3 Answers3

0

Is it possible that your authorization code has expired? I see here that they are only valid for 1 hr and then need to be refreshed. Instructions to do so are also at that link.

crsven
  • 186
  • 2
  • the RoR code is making the token request immediately and the Curl I'm doing within a minute (enough time to cut the Auth Code and paste it into the command line. . can't imagine it's expiring that quick.. – Gary Pinkham May 09 '14 at 01:05
0

The example from the docs also shows a -d grant_type=authorization_code parameter being sent. Have you tried it with that param included?

crsven
  • 186
  • 2
  • Yes.. I have tried it with and without.. I don't think it's a required param.. missing any of the others produces a Missing Parameter exception.. – Gary Pinkham May 09 '14 at 02:25
0

The issue was the redirect URL on the getToken request was wrong. The callback I set in the Beats Music API config was "/auth/beats_oauth2/callback" but in the my code and the above example Curl I only had "/auth/beats_oauth2". I can't believe I looked at that a million times... Of course the invalid access code error message made me think it was not related to the redirect url. But that's another story.

BenMorel
  • 34,448
  • 50
  • 182
  • 322