Did you ever get this working? I assume, if you are trying the refresh token, you had made the initial authentication work? Could you share that HTTP flow please?

First off, thank you for replying to a post from 2020.

If my thinking is correct, the initial auth is performed via postman, and the PA flow retrieves the token saved in a sharepoint list?

I will explain my scenario. Google form time entry, which essentially was saved to a google sheet. I could extract the new rows and post to a sharepoint list, for time entry for a client. They have since moved to WorkFlowMax; i'm trying to create a similar process.

I would need to auth once per day to WFM via API and then POST add time. I imagine being in the position of auth once, and then refresh once per 24 hours, in order to post new data. 

You worked out how to refresh such token via PowerA, referencing the original question? 

Please can we keep the conversation going, I don't want to give up on my objective! 

cheers
Luke

The Google Sheet aspect is easy, as there is a connector.

I have used PostMan for the first time, and have my access token now. 

So I assume I can now bring that into PowerAutomate and work on the refresh cycle. 

Once that is done, I can look at adding new time entry into work flow max.

Any pointers with the refresh flow for the token please?

Awesome! Over on GIT is a Postman environment to import. Has all the workings of getting started with the Worflow max api - (GitHub - XeroAPI/workflowmax-postman-oauth2: A postman collection for use with WorkflowMax's API and...

So I can get to speed with interacting with the API via Postman and then bring my learnings into Power Automate.

cheers for the screenshot 

@MartinHutchcpa , what is the redirect URL back to Power Automate that you use?

I didnt need one as I was working in private mode

Please could you post the breakdown of the HTTP flow, where you are refreshing the token.

I can't work out what should be in the Body and the Headers, however much I try I get Invalid_Client or Invalid_Request, where trying to refresh

Also, how is this string made up: Do I use the text as is, but replace the id and secret?

"Basic " + base64encode(client_id + ":" + client_secret)

Its this Authorization string which is throwing me now! I'm getting back Invalid_Client in PA. Could you give me some pointers please on how you have encoded it? I see at the first screen shot, its an expression with Basic and then I assume your base64encode string for client id and pass - how did you encode it?

OK I sorted it!!! Wow... talk about learning.

In the HTTP call I formed the body as form-data (reference from the way POSTMAN was forming the refresh request) 

grant_type=refresh_token&refresh_Token=REFRESHTOKEN&client_id=CLIENTID&client_secret=CLIENTSECRET

No need for Authorization header and the base64encode string

Thanks @WillPage (Adding formData to HTTP Request - Power Platform Community (microsoft.com))

Thanks @MartinHutchcpa 

Hi @LukePWilkins (et all)

Credit for your persistence here.  I am trying to do exactly the same thing and can't seem to get past "{"error":"invalid_client"}".

I have successfully authenticated, refreshed tokens, retrieved invoices, and created invoices using Postman.

I have created a single flow with the three variables below and validated that the values are all correct and matching what is in Postman.

I have also tried formatting the body in JSON (noting to change content-type) however this returns 'invalid request'.

When I format the body exactly how you have set out, or copy/pasting from Postman both result in 'invalid client'.

My process to test this scenario is as follows:

1. Generate new token in Postman
2. Copy access_token and refresh token to environment variables in Postman
3. Run authentication in Postman (sign in etc)
4. Run Refresh token in Postman
5. Run Get connections to obtain and store client_id in environment variables in Postman
6. Test retrieve and create Invoices in Postman
7. Ensure token is not expired
8. Run my refresh token flow in PowerAutomate

Hoping you can shed some light on this for me. Here are some of my questions:

1. There was one auto-generated KEY-VALUE in Postman called "Host" and it mentions that if this is removed it will likely result in a 400 error. It doesn't look like you have included this. Did this cause you any problems?
2. Did you have to first create a flow for steps 1-3 in my process above in order to run the Refresh Token flow?

Here is the the output of my flow:

Any help would be greatly appreciated.

I have the access token and refresh token saved in a txt file on OneDrive. ClientID and Secret are hardcoded in the variables. RefreshToken, retrieves the refresh token from OneDrive, then its a POST to the API

@LukePWilkins 

Thanks for the response!

I ended up moving client_id, client_secret, xero-tenant-id, access_token, and refresh_token values to a Davaverse table.

I am 99.99999% sure these were all the exact same values that I had initialised as variables in my original flow.

Then the only change I made is that I noticed you had an uppercase T in the body for 'refresh_Token'.

The flow now works perfectly.  I also added a Do Until status code = 200 so it will retry if it fails for any reason. The flow then updates the dataverse table with the new tokenset (access and refresh) details.

My flow now looks like this:

Thanks again for your response!

Do you have a typo in Grant_type refresh_tocken???? 

I have my flow scheduled to run every 29 mins and refresh the access token. 

Glad you got it sorted! Two people extra now working with the API via Power Automate

@Nebulas , i'm going to look into storing data in the dataverse, which feels as much better option than onedrive TXT file!!!