Hi everyone,
I’m having an issue with my OAuth2 custom app implementation where the ‘sub’ parameter is being sent empty in the refresh token request. Here’s my setup:
- Authentication Flow:
  - Using OAuth2 with custom endpoints
  - Successfully getting access_token and user info
  - Refresh token mechanism is implemented but not working as expected
- Current Implementation:
```json
{
  "authorize": {
    "url": "..../auth",
    "qs": {
      "source": "{{oauth.makeRedirectUri}}",
      "integration": "make"
    },
    "response": {
      "temp": {
        "access_token": "{{query.access_token}}",
        "refresh_token": "{{query.refresh_token}}",
        "id_token": "{{query.id_token}}"
      }
    }
  },
  "token": {
    "condition": "{{temp.access_token}}",
    "url": "...../auth/verify-token",
    "method": "POST",
    "body": {
      "access_token": "{{temp.access_token}}"
    },
    "type": "json",
    "response": {
      "data": {
        "expires": "{{addSeconds(now, 3600)}}",
        "accessToken": "{{temp.access_token}}",
        "refreshToken": "{{temp.refresh_token}}"
      },
      "expires": "{{addSeconds(now, 279200)}}"
    }
  },
  "info": {
    "url": "..../auth/verify-token",
    "headers": {
      "Authorization": "Bearer {{connection.accessToken}}"
    },
    "method": "POST",
    "type": "json",
    "body": {
      "access_token": "{{connection.accessToken}}"
    },
    "response": {
      "uid": "{{body.user_info.sub}}",
      "metadata": {
        "sub": "{{body.user_info.sub}}",
        "email": "{{body.user_info.email}}",
        "value": "{{body.user_info.email}}",
        "username": "{{body.user_info.username}}",
        "family_name": "{{body.user_info.family_name}}",
        "given_name": "{{body.user_info.family_name}}",
        "picture": "{{body.user_info.picture}}"
      }
    }
  },
  "refresh": {
    "condition": "{{data.expires < addMinutes(now, 1)}}",
    "url": "....../auth/refresh-token",
    "method": "POST",
    "body": {
      "sub": "{{data.uid}}",
      "refresh_token": "{{connection.refreshToken}}"
    },
    "type": "json",
    "response": {
      "data": {
        "expires": "{{addSeconds(now, body.expires_in)}}",
        "accessToken": "{{body.access_token}}",
        "idToken": "{{body.id_token}}"
      }
    }
  }
}
```
- Issue:
  - The verify-token endpoint successfully returns user information
  - I can access email and other user info from the response because when I check connection, I can see my email.
  - However, when making the refresh token request, the ‘sub’ parameter is empty
  - Getting 422 Unprocessable Entity error due to empty sub parameter

Any help or guidance would be greatly appreciated!
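
A static check for this kind of empty-parameter problem, as an added example that is not part of the original post and not Make's own tooling: it lists every `data.*`, `connection.*` or `temp.*` reference whose key no directive stores. It assumes `data.*` and `connection.*` read the keys written under `response.data` and `temp.*` reads those under `response.temp`; `CONFIG` is a constructed, trimmed copy of the JSON above, and the function names are hypothetical.

```python
import json
import re

# Constructed, trimmed copy of the connection from the post (URLs, qs and most metadata omitted).
CONFIG = json.loads("""
{
 "authorize": {"response": {"temp": {"access_token": "{{query.access_token}}",
                                      "refresh_token": "{{query.refresh_token}}"}}},
 "token": {"condition": "{{temp.access_token}}",
           "response": {"data": {"expires": "{{addSeconds(now, 3600)}}",
                                 "accessToken": "{{temp.access_token}}",
                                 "refreshToken": "{{temp.refresh_token}}"}}},
 "info": {"headers": {"Authorization": "Bearer {{connection.accessToken}}"},
          "response": {"uid": "{{body.user_info.sub}}",
                       "metadata": {"sub": "{{body.user_info.sub}}"}}},
 "refresh": {"condition": "{{data.expires < addMinutes(now, 1)}}",
             "body": {"sub": "{{data.uid}}",
                      "refresh_token": "{{connection.refreshToken}}"},
             "response": {"data": {"accessToken": "{{body.access_token}}"}}}
}
""")

# Assumption (not confirmed by the post): data.* and connection.* read keys stored
# via "response.data"; temp.* reads keys stored via "response.temp".
NAMESPACE_STORE = {"data": "data", "connection": "data", "temp": "temp"}
REF = re.compile(r"(?<![\w.])(data|connection|temp)\.([A-Za-z_]\w*)")

def strings(node):
    """Yield every string value nested anywhere under node."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, (dict, list)):
        for value in (node.values() if isinstance(node, dict) else node):
            yield from strings(value)

def unresolved_refs(config):
    """Return (directive, reference) pairs that read a key no directive stores."""
    stored = {"data": set(), "temp": set()}
    for directive in config.values():
        response = directive.get("response", {})
        for store in stored:
            stored[store].update(response.get(store, {}))
    findings = []
    for name, directive in config.items():
        for text in strings(directive):
            for namespace, key in REF.findall(text):
                if key not in stored[NAMESPACE_STORE[namespace]]:
                    findings.append((name, f"{namespace}.{key}"))
    return findings
```

On this config the only finding is `data.uid` in `refresh`: the `info` directive writes `uid` at the top level of its `response`, and no directive writes a `uid` key under `response.data`.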