GuidesAPI ReferenceDiscussions
Discussions
Start typing to search…

Discussions

Ask a Question
Back to All

OAuth Token Exhange Failing

about 1 month ago by Martin Sud

Subject: OAuth Token Exchange Failing Despite Successful Authorization - App ID 133481

Dear ServiceM8 Support Team,

I'm experiencing an OAuth integration issue with my ServiceM8 application and need assistance resolving the token exchange process.

App Details:

App ID: 133481
Application Type: Web Service Hosted Add-on
Redirect URI: https://service-m-8-performance-martinsudell.replit.app/auth/servicem8/callback
Issue Summary:
The OAuth authorization flow completes successfully, but the token exchange callback is never reached, preventing my application from obtaining access tokens.

What's Working:

OAuth authorization request redirects correctly to ServiceM8
User can accept permissions successfully
ServiceM8 redirects back with success indication
What's Not Working:

Callback endpoint never receives the authorization code
No callback processing logs appear despite successful authorization
API requests continue receiving 401 "Invalid username or password" errors
Technical Implementation:

OAuth Authorization Request:

const authUrl = https://go.servicem8.com/oauth/authorize? +
client_id=133481& +
redirect_uri=${encodeURIComponent('https://service-m-8-performance-martinsudell.replit.app/auth/servicem8/callback')}& +
response_type=code& +
scope=${encodeURIComponent('read_staff staff_activity read_jobs read_job_categories read_schedule read_customers read_job_queues read_tasks')}& +
state=${randomState};
Callback Implementation:

app.get("/auth/servicem8/callback", async (req, res) => {
console.log('ServiceM8 OAuth callback received:', req.query);

const { code, error } = req.query;

if (error) {
return res.redirect('/?auth=servicem8_error');
}

if (!code) {
return res.status(400).json({ error: "Missing authorization code" });
}
try {
const params = new URLSearchParams();
params.append('grant_type', 'authorization_code');
params.append('client_id', '133481');
params.append('client_secret', '[APP_SECRET]');
params.append('code', code);
params.append('redirect_uri', 'https://service-m-8-performance-martinsudell.replit.app/auth/servicem8/callback');
const tokenResponse = await axios.post('https://go.servicem8.com/oauth/access_token', params, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json'
}
});

// Store token and redirect to success

} catch (error) {
console.error('Token exchange failed:', error);
}
});
Current Behavior:
Despite successful authorization, the callback endpoint never receives any requests. Console logs show OAuth requests being initiated but no corresponding callback processing logs.

API Request Attempts:
Current API requests receive:

Status: 401 Unauthorized
Response: "Invalid username or password"
Using Basic Auth fallback when OAuth token unavailable
Request for Assistance:
Could you please verify the OAuth configuration for App ID 133481 and confirm:

The correct callback URL format and token exchange process
Whether there are any specific requirements for Web Service Hosted Add-ons
If there are any additional configuration steps needed for the OAuth flow
I've attached the complete technical implementation and can provide additional debugging information if needed.

Thank you for your assistance.