We have a Java-based application that interfaces with Acrobat Sign.
We have an Access Token (expired) and a Refresh Token (not expired).
When we attempt to use the Refresh Token to get a new Access Token in Production, we get a 401 Unauthorized: [no body] error.
Here's what we've tried:
- Taking the exact Client ID, Client Secret, Access Token, and Refresh Token from Production database tables and manually doing the POST via cUrl - this works, we get a new Access Token
- Repeating #1 but with Postman - this also works
- Copying the database rows down to a Dev environment and running the same code as Production - this also works
Is it possible that Acrobat Sign blocked our Prod Server? I know for OAuth Code Flow, we have to whitelist the Redirect URI, but I thought that calls to get a new access token from endpoint: https://api.eu1.documents.adobe.com/oauth/v2/refresh
could be done from anywhere without whitelist.
Any thoughts/suggestions?
AdChoices