Custom authentication doesn't store variable

Hi im having some trouble with making this work

  1. using the sso to retrieve the code
  2. decoding the response
  3. getting the auth token using the retrieved code
  4. decoding the response and storing it in the VAR_REFRESH variable

the problem I have when I try to get a new token by using the refresh token im getting this response

:arrow_forward:

Refresh auth workflow failed (0.992s):{"error":"invalid_request","error_description":"Handle could not be extracted"}

  1. :arrow_forward:{message: "{"error":"invalid_request","error_description":"Handle could not be extracted"}", statusCode: 400, metadata: Object}

  2. message: "{"error":"invalid_request","error_description":"Handle could not be extracted"}"

  3. statusCode: 400

  4. :arrow_forward:metadata: Object

1. ▶request: Object

  1. url: "https://start.exactonline.nl/api/oauth2/token"

  2. method: "POST"

  3. body: "client_id=*******&client_secret=*******&grant_type=refresh_token&refresh_token=%7B%7B%20---sanitized---%20%7D%7D"

what is causing this


when I try this instead of using the {{ javascript2.returnValue }} directly im getting a similar error in the body

  1. body: "client_id=&client_secret=&code=%7B%7B%20---sanitized---%20%7D%7D&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fgsmplus.retool.com%2Foauth%2Fuser%2FredirectCallback"

why does it say sanitized here what is causing that?



I decided to use the OAuth2 generic and that works fine by how can I use the refresh token inside the refresh auth workflow?

Hey @Gsmplus! Thanks for reaching out and for your patience - I was hoping to get a response out sooner. :raised_hands:

I think the key to unblocking you here is understanding how to correctly reference these "magic" variables. That's not an official name, but I call them as such because they are automatically detected and replaced by the Retool backend without needing the double curly braces.

In your first example, that would mean referencing your stored variable as VAR_REFRESH instead of {{ VAR_REFRESH }}. You would need to use a similar pattern if you end up using the native OAuth2 (Generic) block in your custom authentication flow.

I hope that helps! Let me know if you have any additional questions.

1 Like

Have you had a chance to review this, @Gsmplus? Hopefully the above is helpful, as I'm pretty sure it address the primary cause of the errors you were seeing.