Invalid_grant error


I’m following these steps in v3 API and I’m unable to get the grant ID through API. This is the flow we are trying to achieve.

{baseurl}/v3/connect/auth — calling this API and it takes through the google/outlook auth flow

redirection is happening to the call back URL with a code. And when I call the “{baseurl}/v3/connect/token” API getting this error. In barely less than few seconds on generating the code, unsure how it’s expired.

Since I’m unable to get the grant ID even once, not being able to list the messages or access contents from email provider.

  "error": "invalid_grant",
  "error_code": 45004,
  "error_description": "Given 'code' not valid or expired",
  "error_uri": "",
  "request_id": "5143c462-c6d9-4eac-a2ca-38030c02650b"

My request does contain all the parameters recommended in the docs.

  "client_id": "<NYLAS_CLIENT_ID>",
  "client_secret": "<NYLAS_API_KEY>",
  "grant_type": "authorization_code",
  "code": "string",
  "redirect_uri": "",
  "code_verifier": "nylas"

Hello @ikram Which SDK are you using? and which scenario are your working on?

Hi @Blag! Thank you for asking.

I’m using the Nylas V3 API that’s documented in Postman through our PHP code base. We are building an email client within our application and trying to let users onboard. This is the user flow

  1. User enters their email id in our application.
  2. We call API to find the provider (works fine)
  3. We call with required information and it redirects us to the concerned providers auth flow (works fine)
  4. User completes the auth. flow and get redirected to our callback url with a code. By now, user returned to our application with {callbackUrl}/login?code= (supposedly working fine)
  5. We call with the above mentioned information to get the grant id, so that we could save it and give user the access to their email contents (this is where it’s not working and we are getting the above error)

Without grant id, we are unable to let users access their email contents in our application. Appreciate your support. Thank you!

Hello @ikram

I have done a lot of Hosted Auth with our SDKs (Ruby, Python, Java and Kotlin) but I must admit that I have never called the APIs directly.

I’m not a PHP expert but came up with this yesterday night :grin: You should be able to see what you are missing :wink: It’s actually way easier than expected :thinking:


Let me know if you need anything else…