If grant_type is authorization_code you create access_token and refresh_token, and save on somewhere (like DB, because it is used client auth at real time) and return like this,
This reference is accurate if we point to the data format that needs to be shared at the POST HTTP Request@Daniel_Artemiev mentions, but with the difference that the installation process of ST Schema Connectors occurs in opposite directions, i.e.:
The ST Schema OAuth Instance should share the token payload in exchange for the authorization_code granted (redirected) after a successful login.
Notice that this token response is not intended to be redirected, as it happens with the code.
It seems you’re missing the state parameter. Yes, that same state you handled at the initial steps of the OAuth Dance (/authorize>/login>/<redirect_uri>).
As @erickv suggested the error may not be triggered by the Token response, but maybe because your connector is unreachable. For example, I’ve faced that same issue several times when my Webhook Endpoint expires. Is it possible that your Webhook URL is not public or or it has expired?
Thank you , @erickv and @andresg . I used 8050 port in webhook, and as I see, the URL such this https://domain.com:8050/ is not working. I guess the reason was in the port, right? I tried to use 443 , and get request with grantCallbackAccess, discoveryRequest and another. I cannot use another port for webhook, right?
I’m currently analyzing this issue, and I have some questions. Are you exposing directly your server or are you trying to make use of a proxy through some tunneling service? Take into account that the second option enhances your security and allows your connector to focus on its own tasks. Maybe you can test some of these apps I use: ngrok, nginx, localtunnel.
I can now assure you that the WebHook needs to be hosted in port 443. As I said in my previous message, you can try using a proxy through some tunneling service. That way, you can host your Connector on any port you want and the WebHook in port 443.
Thank you for information. Maybe it will be useful to publish the information about strong using of 443 port in your Oauth Docs or in the Developer Panel ?
The fact is that I used the already made solution for google home, and I just used a non-standard port there.