cancel
Showing results for 
Search instead for 
Did you mean: 

Marketo Access token expired

sravankunadi
New Contributor II

We are retrieving the leads from Marketo. I am using Marketo REST 0auth 2 for the access token.
I have created the account and selected auto refresh token,but the token is not getting refreshed after 1 hour. Pipeline still fails with the access token expired.

image

I am able to authorize and refresh the token manually. Anything i am missing or do we have any other workaround?

9 REPLIES 9

sravankunadi
New Contributor II

Any inputs on this please?

ddellsperger
Moderator
Moderator

Marketo authentication for client_credentials expects the client_id and client_secret as query parameters. If you uncheck the last box, “Send Client Data as Basic Auth header” things should work properly (that should be used if the authentication documentation talks about sending “client details in the Authorization header”).

You’ll want to then click the “Authorize” button, then when you get updates, the “Apply” button. You’re also able to remove the auth endpoint config, client_credentials OAuth2 only makes a call out to the Token Endpoint. OAuth2 coming from client_credentials typically doesn’t have a refresh operation to make, it simply does a re-authorization during that process, you’ll notice that the Marketo documentation even shows that there’s no refresh_token returned in the response from the token endpoint. But our refresh operation will take care of re-authenticating for client_credentials or performing a refresh if a refresh_token is available, so you’ll want to keep the checkbox checked.

ResponseOfIdentity {
    access_token (string, optional): The token that you pass with subsequent calls to authenticate with the target instance,
    scope (string, optional): The owning API-only user of the custom service that was used to authenticate,
    expires_in (integer, optional): Remaining lifespan of the current token in seconds,
    token_type (string, optional): The OAuth authentication method = ['bearer']
}

sravankunadi
New Contributor II

Thanks @ddellsperger . I still see the same issue after unchecked the “Send Client Data as Basic Auth header” and also removed the auth endpoint config.
I did Authorize and the tab opened and updated and then did the “Apply” button.

image

I have attached the error log file.
Errors_GetAllLeads-2022-08-23T10_53_11.667.json (805 Bytes)

Which snap are you using to accomplish this, are you simply using a Rest GET/POST to obtain this data, or are you using the Marketo Snap Pack itself? Do you maybe have a pipeline screenshot that I could look at here, it seems like you’re running a series of Rest snaps to get paginated data. I remember Marketo being somewhat unique, in their documentation they state:

If you call the Identity endpoint before your token has expired, the same token and the remaining lifespan will be returned in the response.

This means that our refresh process doesn’t work the same way for Marketo as it might for other systems. Because they return an error with a value 602 rather than a http status code of 401 or 403 for an expired access token, they have to be treated somewhat differently. This is accounted for in our Marketo Snap Pack, but since this error message system that Marketo uses isn’t via status code, but via an internal error code our automated re-authentication systems do not work for Marketo with the Rest Snap Pack. I would highly suggest moving to that if it’s available to you, we don’t really have an option for retries beyond the scope of 401/403 where we force an OAuth refresh currently.