OAuth token creation

Campaign OAuth tokens have a lifetime of 4 hours, but tokens can be refreshed after 3 hours. If you request before the start of the fourth hour, you receive the same access token that you obtained earlier. If you request after the start of the third hour, a new access token is granted. The user account is going to have two access tokens available to them to use (the first token expires in 1 hour and the second token expires in 4 hours. Request a new token after 3 hours to avoid the unexpected expiration of a single access token.



To use our API service without any disruption, you must support the following requirements:

  1. you must employ logic that requests a new token no more than every 3.01+ hours. A new token will only be issued 3 hours after the preceding token; therefore, you need to cache the granted token for re-use for all API calls and employ a supervisory thread to request and update the OAuth token used.
  2. you must employ an exponential backoff timer in all API calls requesting a token or other API use.
    Failure to adequately implement logic supporting these requirements may result in the blocking of your API calls.
    $host = 'https://api-campaign-us-1.goacoustic.com/oauth/token';
    $key = 'XMLAPIENGAGE';
    $secret = 'PRODUCTION_USE';
    $refreshToken = 'ac1bfab0-f310-4161-9f6b-53cabac451a8';
    $fields = array(
    'client_id' => $key,
    'client_secret' => $secret,
    'refresh_token' => $refreshToken,
    'grant_type' => 'refresh_token'
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $host);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, count($fields));
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
    $json_result = curl_exec($ch);
    $result = json_decode($json_result);
package com.sp.example;
    import net.sf.json.JSONObject;
    import net.sf.json.JSONSerializer;
    import org.apache.commons.httpclient.HttpClient;
    import org.apache.commons.httpclient.methods.PostMethod;
    import java.io.IOException;
    import java.io.InputStream;
    import java.util.Scanner;
    * Created with IntelliJ IDEA.
    * User: exampleuser
    * Date: 6/21/13
    * Time: 3:20 PM
    * To change this template use File | Settings | File Templates.
    public class AccessTokenRetriever {
    public static final String PARAM_CLIENT_ID = 'client_id';
    public static final String PARAM_CLIENT_SECRET = 'client_secret';
    public static final String PARAM_REFRESH_TOKEN = 'refresh_token';
    public static final String PARAM_GRANT_TYPE = 'grant_type';
    public static final String GRANT_TYPE = 'refresh_token';
    private String url;
    private HttpClient httpClient;
    private String responseText;
    public AccessTokenRetriever(String url) {
    this(url, new HttpClient());
    AccessTokenRetriever(String url, HttpClient httpClient) {
    this.url = url;
    this.httpClient = httpClient;
    public String retrieveToken(String clientId, String clientSecret, String refereshToken) {
    PostMethod post = createPost(clientId, clientSecret, refereshToken);
    try {
    responseText = getResponseText(post);
    return getTokenFromResponse();
    } catch (Exception e) {
    throw new RuntimeException(e);
    private PostMethod createPost(String clientId, String clientSecret, String refereshToken) {
    PostMethod post = new PostMethod(url);
    post.setParameter(PARAM_CLIENT_ID, clientId);
    post.setParameter(PARAM_CLIENT_SECRET, clientSecret);
    post.setParameter(PARAM_REFRESH_TOKEN, refereshToken);
    post.setParameter(PARAM_GRANT_TYPE, GRANT_TYPE);
    return post;
    private String getResponseText(PostMethod post) throws IOException {
    InputStream is = post.getResponseBodyAsStream();
    Scanner scanner = new Scanner(is).useDelimiter('A');
    return scanner.hasNext() ? scanner.next() : '';
    private String getTokenFromResponse() throws IOException {
    JSONObject json = (JSONObject) JSONSerializer.toJSON(responseText);
    return json.getString('access_token');
    public static void main(String[] args) {
    String url = 'https://api-campaign-us-1.goacoustic.com/oauth/token';
    String clientId = 'XMLAPIDEVQA';
    String clientSecret = 'NOT_FOR_PRODUCTION_USE';
    String refreshToken = 'ac1bfab0-f310-4161-9f6b-53cabac451a8';
    AccessTokenRetriever tokenRetriever = new AccessTokenRetriever(url);
    String accessToken = tokenRetriever.retrieveToken(clientId, clientSecret, refreshToken);
    System.out.println('access_token: ' + accessToken);
    * In future requests
    * httpHeaders.set('Authorization', 'Bearer ' + accessTokenFor(oauthClientIdentification.value()));