Re: Marketo API and Zapier - Receiving 601 codes (Access token invalid) even though I have a valid one.

Chalo · ‎06-04-2024

Hi all,

I was wondering if anyone could help me with this.

I have Marketo integrated with Zapier with an API Only user. Thing is I want to populate a PMCF from Zapier to Marketo for some webinar runs. While testing it out I've found that it actually worked but now that I'm live with real people, it won't populate that field as I keep receiving 601 codes from the Marketo API.

Some stuff worth mentioning:

I do have the Identify process on Zapier to grab the access token (putting my client id and client secret keys). This is the URL: https://XXXXX.mktorest.com/identity/oauth/token?grant_type=client_credentials
These are the kind of replies I'm getting from that Identify process:
- Access Token, Token Type, Expires In and Scope
  - Expires In shows numbers usually on their 3000, meaning I still have that time left before it expires.

Basically I'm getting the access token from Marketo every call, so I think there's no reason why I should be receiving 601.

Later on the POST URL I'd put this: https://XXXXX.mktorest.com/rest/v1/programs/{program-id}/members.json?access_token={accessToken}

I also have the request headers for content type (application/json) and the Authorization (Bearrer {accessToken}.

FYI: I'm also including the token inside the Query Parameter field on Zapier (the dynamic token)

What am I missing?

Thanks

AshleighMo · ‎06-04-2024

This may sound silly, but have you tried to disconnect and re-do the integration? I had a similar issue to this with ON24 in the past before they updated how that integration was done. The fix was disconnecting and reconnecting. I haven't integrated Marketo and Zapier specifically but it sounds like that integration may be similar.

SanfordWhiteman · ‎06-04-2024

@AshleighMo wrote:

This may sound silly, but have you tried to disconnect and re-do the integration? I had a similar issue to this with ON24 in the past before they updated how that integration was done. The fix was disconnecting and reconnecting. I haven't integrated Marketo and Zapier specifically but it sounds like that integration is similar.

It’s really not that kind of integration. This is a bespoke call to get a token and make a POST.

AshleighMo · ‎06-07-2024

Ah understood! Thanks for clarifying.

SanfordWhiteman · ‎06-04-2024

I have Marketo integrated with Zapier with an API Only user. Thing is I want to populate a PMCF from Zapier to Marketo for some webinar runs. While testing it out I've found that it actually worked but now that I'm live with real people, it won't populate that field as I keep receiving 601 codes from the Marketo API.

If this is happening on every single call, that clearly means you aren’t populating the header correctly in the PMCF POST. However, you haven’t provided enough detail about your config for us to tell you where the problem is. We need complete screenshots of every step.

These are the kind of replies I'm getting from that Identify process:

Access Token, Token Type, Expires In and Scope

Expires In shows numbers usually on their 3000, meaning I still have that time left before it expires.

Basically I'm getting the access token from Marketo every call, so I think there's no reason why I should be receiving 601.

No, it’s simply not possible for it always to be 3000+ seconds. The expiry will gradually tick down over the course of an hour. Doesn’t matter how frequently you get the token, you’re still getting the same value with a decreasing expiry until a new token is issued.

Furthermore, even if you have 2 seconds left on the /identity call that doesn’t mean the token won’t expire by the time you make the call to /members. It’s perfectly possible for the token to expire in that moment. Since you say you’re always getting a 601, your problems run deeper. But you must expect a 601 to occasionally happen and recover gracefully from it by calling /identity again.

FYI: I'm also including the token inside the Query Parameter field on Zapier (the dynamic token)

Don’t put it in both places, that’s just confusing and you’ll later forget it’s redundant. The only one you need is the Authorization: header.

Chalo · ‎06-05-2024

Hi,

Thanks @SanfordWhiteman , attaching some screenshots and some bullet points:

I don't receive the 601 code in all queries, only in some which makes it irregular.
There could be a caveat in which the token would have 1-5 seconds left and so that token would not be valid, but it is not the case in here.

1. Requesting Access Token

2. Receiving Access Token

3. Requesting POST PMCF population

4. Receiving 601 with fresh Access Token

I don't think its the Authorization header I'm missing since it has already worked with this set up...

SanfordWhiteman · ‎06-05-2024

OK, you now seem to understand the token expiry is not always 3000+ seconds. This is at odds with your first post.

There’s still not enough information about your setup. Why does one screenshot say “Request Querystring Access Token” as opposed to “access_token”? You have other mapping info not shown here.

In general, you should test request payloads with something like JSBin or ngrok. That’ll show you exactly why Zapier is putting the wrong thing on the wire. Clearly Marketo isn’t doing anything wrong here, you just have Zapier configured incorrectly.

alludoalex · ‎06-06-2024

Show the Zapier Action Configuration as well as. My only guess as-is, is that the Access Token is not configured as an output variable and that the static value was pushed into the automation.

Your access token, when configured should show {{2. Access Token:}} as a Zapier variable (pictured below).

Otherwise if not configured as a variable, it will be trying to use the same hard-coded Access Token that was working in your tests each time during live runs. That might explain why it works as a test, because it's a brand new token.. but fails in live prod.

Also, you may want to build some redundancy in when considering Zapier solutions depending on the volume of triggers you're dealing with. In some instances of Zapier webhook solutions, we have used additional path logic that will trigger when the "Errors Message" indicates a timeout or access token issue. The following steps when the path is triggered Request a new token, resubmit the payload, and send us an alert.

alludoalex · ‎06-06-2024

I see on your original post that you mentioned you're pulling the dynamic token.

It would still help to see the Action configurations - a picture's worth 1,000 words!

Chalo · ‎06-07-2024

Hi @alludoalex,

Sure. I've also been trying to put the access_token (like @SanfordWhiteman said) in the query parameters but seems to still deliver the same result. What pisses me off is that it sometimes work and others don't.
Here are the requirements for the API call to populate the field.

I've even created a new API user and synced to it with both client id and secret key

For the Access Token request I'm using a Webhooks by Zapier with a GET request:

This is the response:

Which later resulted into this 601 response:

request:

method:

POST

url:

https://XXXXXXX.mktorest.com/rest/v1/programs/10640/members.json

querystring:

access_token:

91e5426f-8ecc-461d-9658-86f25a5c5467:ab

headers:

content-type:

application/json

body:

{
    "input":[
        {
            "leadId": "13081006",
            "zoomMeetingLink": "https://XXXX.zoom.us/w/XXXXX
    ]
}

data:

input:

0:

leadId:

13081006

zoomMeetingLink:

https://XXXX.zoom.us/w/XXXXXXXXXXXX

response:

status:

headers:

connection:

close

content-length:

content-type:

application/json;charset=UTF-8

date:

Fri, 07 Jun 2024 08:22:49 GMT

server:

nginx

body:

{"requestId":"a97b#18ff1cb15dd","success":false,"errors":[{"code":"601","message":"Access token invalid"}]}

data:

requestId:

a97b#18ff1cb15dd

success:

false

errors:

0:

code:

message:

Access token invalid