0

I have been happily using the xoauth client to negotiate PKCE grants flows up to earlier today.

Tokens were obtained and refreshed, all was looking fine until I needed to amend my scopes and needed to re-consent.

Now I receive an error on the callback - http://localhost:8080/callback?error=access_denied&state=8AJEDHk6tlNX2E98Y3JuFmXmDrcS2DNB#_=_

This error would usually indicated that consent was canceled by the user but I am definitely pressing Allow.

I have: Deleted the app and made a new one, tried a new Code Flow app, tried a trial organisation instead of the Demo organisation, all without luck.

However, it will succeed if I specify the bare minimum of scopes: openid and offline_access

Any ideas?

My Client ID is: 17B89D9AF3984680BCA620A3986AE8EB

Update: It does however work in a private browser window so I suspect something local. Will poke some more and close if so.

user3876103
  • 43
  • 4

1 Answers1

0

So that last piece makes it sound like some kind of browser / cache issue.

We did have another user where an ad blocker was causing the problem during the granting access page. Maybe that was you..? API team is looking into this further.

If you are continued to be blocked you can open a ticket by emailing api@xero.com

SerKnight
  • 2,502
  • 1
  • 16
  • 18