slack error "invalid_code" after sending request to oauth.access url

Asked 23/10, 2019 at 10:10 Answered 10/9 at 13:20

javascript authentication slack slack-api

I am trying to authenticate my app with Slack. It was working perfectly fine for a few days, but now it's throwing me an error

invalid_code

const requestBody = qs.stringify({
    code: code,
    redirect_uri: redirect_uri,
    client_id: client_id,
    client_secret: client_secret
  });

  await axios
    .post(url, requestBody, config).
then(server => console.log(server)).catch(err => console.log(err))

Response from server: { ok: false, error: 'invalid_code' }

The code I get is in this format. code=303414024726.805164905556.526d546072e9b2408e0743f42ca3bb5843553a6c3b930b1de2c1e31847b25448

I think this is JWT token but I am not sure.

Any help would be appreciated.

Tierratiersten answered 23/10, 2019 at 10:10 Comment(8)

whatever it is, it's not a JWT! – Comeuppance 23/10, 2019 at 11:26

did you ever solve this? Having the same problem – Urban 4/5, 2020 at 22:45

No, it just fixed itself after sometime. – Tierratiersten 7/5, 2020 at 19:20

Getting the same issue on and off. Were you getting it only in development or also in production? – Penal 2/6, 2020 at 1:20

one of our customers used to have the same issue, idk what's the reason behind this, seems like slack related cause we do NO modification to the code accepted, just passing it to get the token, on the second attempt it's succeeded, very wired anyway – Strongroom 8/3, 2021 at 12:43

I ran into the same problem. For me, the solution was to send form-data instead of json in the request. – Procedure 21/6, 2021 at 19:34

I am facing the same issue, is it necessary to make app public, so that we will not receive this invalid_code error? – Kendall 5/8, 2021 at 10:59

I couldn't find a proper solution to this. It just started working again on its own, as if it was consumed or something. – Tierratiersten 12/8, 2021 at 3:24

This seems like one of those error messages that is returned because of a wide range of reasons. None of the above worked for me, but when I generated a new client secret in "Settings" -> "Basic Information" -> "App Credentials" then it fixed the issue. This step revokes all existing tokens, which may have been part of what fixed the issue (although Li Xia's suggestion of revoking all tokens manually didn't work for me).

Durward answered 21/1 at 12:5 Comment(0)

The solution was to send form-data instead of json in the request. As commented by Daniel Kent

Mcnary answered 10/9 at 13:20 Comment(0)

This is how i made it work

 let slackUrl = `https://slack.com/api/oauth.v2.access`;
let client_id = process.env.SLACK_CLIENT_ID;
let client_secret = process.env.SLACK_CLIENT_SECRET;
let details = {
    code,
    client_id,
    client_secret
}
var formBody = [];
for (var property in details) {
    var encodedKey = encodeURIComponent(property);
    var encodedValue = encodeURIComponent(details[property]);
    formBody.push(encodedKey + "=" + encodedValue);
}
formBody = formBody.join("&");

const _headers = {
    'Content-Type': 'application/x-www-form-urlencoded'
};

let config = {
    method: 'POST',
    url: slackUrl,
    data: formBody,
    headers: _headers
};

let installation = await axios(config);

Ceasar answered 10/7, 2022 at 17:22 Comment(0)

Ran into the same issue where it worked then kept getting "invalid code" error in the response. Turns out, if there is already an OAuth token for the app/workspace, it will throw this error.

To fix this, go to "OAuth & Permissions" in the App management part of Slack, and revoke all your tokens (at the bottom of page.). On the next request, your request will return a new token.

Madlin answered 26/7, 2023 at 22:7 Comment(0)

Recommended topics

Hot tags