OAuth invalid_grant on refresh_token

I am sending a POST request to https://api.coinbase.com/oauth/token with a JSON body of the four necessary parameters:

In response, I am getting a 401 - invalid_grant, “The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.”

Can anyone help? Previously this functionality worked.
If this is an expired token, is there a way to refresh it without redirecting to coinbase.com to approve/sign in?
Thank you!


If this

Hey @dt88! Welcome to Coinbase Cloud Forum Community.

We understand that you are getting error 401 - invalid_grant, when you send a request to https://api.coinbase.com/oauth/token. We would like to let you know that 401 error responses could be because of either invalid_token/evoked_token/expired_token/invalid_redirecturi.

Also, the access token which is used to authenticate all your requests, expires in two hours. Once an access token has expired, you will need to use the refresh token to obtain a new access token and a new refresh token. The refresh token never expires but it can only be exchanged once for a new set of access and refresh tokens. If you try to make a call with an expired access token, a 401 response will be returned. More details: Link

Additionally, for more details on integrating your OAuth2 app, you may check this out at Integration | Coinbase Cloud

We hope this helps. Thank you, and have a good day ahead!