I am working with the leagacy xml-rpc API of InfusionSoft to just update a few contact details of a contact like email and opt-out reason etc.
I am using google apps script to achieve that as the data with contact-id is available there as a list. Though, it is part of a larger project where these contacts are being retrieved from other sources.
I often see that I get a response 401 (Not Authorized) message in response to the requests being made. It requires regenerating the access token to get those requests through.
Is there any way, to have never-expiring token or some maximum time limit for that? as the client needs to regenerate token often to get that data updated.
The script needs to run daily for all new contacts available on the list, and no other user is involved.
For the time being, I am sharing the sample code retrieving contact details and that works fine when new token is generated the same day.
function infusionTry()
{
var KEY = APIKEY;
var INF_TOKEN = ACCESS_TOKEN;
var url = "https://api.infusionsoft.com/crm/xmlrpc/v1?access_token=" + INF_TOKEN;
var payload = HtmlService.createTemplateFromFile("ReqData").getRawContent();
payload = payload.replace("{privateKey}",KEY);
payload = payload.replace("{contactIDNumber}",666486);
var params = {
method: "post",
contentType : "application/xml",
payload : payload,
muteHttpExceptions: true
};
var resp = UrlFetchApp.fetch(url, params);
Logger.log(resp.getResponseCode());
Logger.log(resp.getContentText());
}
Thanks.
When dealing with the legacy authentication, there is a different request URL to connect to the API.
The URL that you referenced:
var url = "https://api.infusionsoft.com/crm/xmlrpc/v1?access_token=" + INF_TOKEN;
is used for accessing the API via OAuth.
when using the legacy API with the Infusionsoft API Key, you should make calls to the following URL:
var url = "https://APPNAME.infusionsoft.com:443/api/xmlrpc";
where APPNAME is the Infusionsoft Application Name (subdomain) for your account.
The Infusionsoft API key does not expire (but it may be changed by a user inside of Infusionsoft on demand).
In regard to the OAuth flow, here is a bit more information.
The access token expires every 24 hours.
The process will provide you two tokens.
The refresh token lives for 90 days and is used to generate an access token.
Infusionsoft just announced that the refresh token will expire every 90 days, which means you must refresh your script more frequently than that if you would like to skip a manual authorization to reset the token.
The access token lives for 24 hours and is used to make API calls.
So the overall process is: