Exchanging Authorisation code giving everything except refresh token!

Developers
1

Hey guys! So I am currently building a script to sync my Amex transactions with my Monzo ones (after every purchase, the money will be moved into a pot!).
However, I can’t get the Monzo API to give me back a refresh_token! Here is the response I get:

{"access_token":"redacted","client_id":"redacted","expires_in":107999,"scope":"third_party_developer_app.pre_verification","token_type":"Bearer","user_id":"redacted"}

and nothing else! :cry:

Here is my request:

    payload = {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": "http://127.0.0.1:5000/callback",
        "code": auth_token,
    }

    response = requests.request("POST", url, data=payload)
    if not response.ok:
        get_new_monzo_auth()
        return False

    access_token = response.json()["access_token"]
    refresh_token = response.json()["refresh_token"] #FAILS!
    Data.create(key="monzo_access_token", value=access_token)
    Data.create(key="monzo_refresh_token", value=refresh_token)
    return True

I don’t get why this is happening!

2 Likes
2

When you created the client in the Monzo developer interface what options did you select? The chances are for confidentiality you chose “Not Confidential”. The API only gives a refresh token if the “Confidential” option is chosen

monzo-api

This is mentioned in the API documentation but to be honest I think I have made the same mistake a few times.

Client confidentiality

Clients are designated either confidential or non-confidential.

Confidential clients keep their client secret hidden. For example, a server-side app that never exposes its secret to users.

Non-confidential clients cannot keep their client secret hidden. For example, client-side apps that store their client secret on the user’s device, where it could be intercepted.

Non-confidential clients are not issued refresh tokens.
1 Like
3

This is super super cool and I am going to set it up :pray:

Monzo is hiring if you wanted to apply too:

again, thanks so much for this!!

1 Like
4

No problem! By any chance, were you intending to reply to my Amex-Monzo Script?
I appreciate the feedback! :smile:

1 Like