- Topic is Locked
Obtain a valid refresh token.
Call the /oauth/token endpoint with the token. It succeeds with a 200 response
Repeat the call with the same refresh token, it now returns a 400 Bad Request response.
As the message body is well formed (and succeeded in the first request), but the refresh token is no longer valid having been used, I think the 400 response is misleading, and a 401 response would be more helpful for logging and fixing this error.
The change had been loaded in Prod last Friday (6 OCT). It should send error 401 in this case now.
Thanks again for your request.
Thank you for submitting your feature request. Very appreciated!
The change has been approved, and we created an internal ticket to track it.
The Dev team is already working on it, and it will be released soon (in a couple of days) with the updated documentation of Cintoo API as well.
Thank you once again for your contribution, and we look forward to continuing to support your needs.