invalid_grant error on /exchange request

[ashar340]

The server throws the following upon making the request to the /exchange API endpoint:

Listening on port 8000
node:internal/process/promises:246
          triggerUncaughtException(err, true /* fromPromise */);
          ^

SmartcarError: invalid_grant:undefined - Unauthorized redirect_uri: http://localhost:8000/exchange
    at util.handleError (/Users/ananyasharma/dev/vroom/vroom/node_modules/smartcar/lib/util.js:105:11)
    at tryCatcher (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/util.js:16:23)
    at /Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/catch_filter.js:17:41
    at tryCatcher (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/promise.js:547:31)
    at Promise._settlePromise (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/promise.js:604:18)
    at Promise._settlePromise0 (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/promise.js:649:10)
    at Promise._settlePromises (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/promise.js:725:18)
    at _drainQueueStep (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/async.js:93:12)
    at _drainQueue (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/async.js:86:9)
    at Async._drainQueues (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/async.js:102:5)
    at Immediate.Async.drainQueues [as _onImmediate] (/Users/ananyasharma/dev/vroom/vroom/node_modules/bluebird/js/release/async.js:15:14)
    at processImmediate (node:internal/timers:464:21) {
  statusCode: 400,
  requestId: '36e8f1ab-9211-4db9-a743-180fcffd253c',
  type: 'invalid_grant',
  description: 'Unauthorized redirect_uri: http://localhost:8000/exchange'
}

Note that I did verify that the redirect uri, secret and clientID are correct.

[anthonywebster]

Hi @ashar340 could you solve?

[gurpreetatwal]

Hi @ashar340 :wave:

Apologies for the late reply here, we don't actively monitor the GitHub issues for support requests. The fastest way to get support is to email support@smartcar.com or contact us via the live chat on https://smartcar.com/contact/.

I was able to look into your request using the provided request ID and I believe you're running into this error because the access token request was made with a redirect URI that is different than the one that the authorization code was sent to. The OAuth 2.0 spec requires that the redirect URI that is provided when exchanging be the exact same as the one that the authorization code was sent to.^1

Based on the redirect URIs that are configured on your Smartcar account I believe you have a backend and frontend app, the simple fix for this issue would be to update the configuration for the backend application to have the same redirect URI that is used in the frontend application (e.g. the one that starts with https://javascript-sdk.smartcar.com). This won't require any other changes on your backend.

Let me know if that works out or if you're still running into issues.

[anthonywebster]

It's working. Thank you :)

[gurpreetatwal]

Great to hear! Feel free to reach out to support@smartcar.com if you have any further questions or comments :)