Mautic node does not refresh token

Describe the problem/error/question

In the Mautic configuration, there are two API-related settings: Access token lifetime (measured in minutes) and Refresh token lifetime (measured in days).

When the Access token expires, the Refresh token should be utilized to obtain a valid Access token. However, this is not happening. Instead, when the Access token expires, I receive a 403 error. The only way to make a request to Mautic again is by manually connecting in the n8n credential settings.

For more detailed information, you can refer to the Mautic documentation at:

What is the error message (if any)?

NodeApiError: Forbidden - perhaps check your credentials?
    at Object.mauticApiRequest (/usr/local/lib/node_modules/n8n/node_modules/n8n-nodes-base/dist/nodes/Mautic/GenericFunctions.js:37:15)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
    at Object.execute (/usr/local/lib/node_modules/n8n/node_modules/n8n-nodes-base/dist/nodes/Mautic/Mautic.node.js:653:44)
    at Workflow.runNode (/usr/local/lib/node_modules/n8n/node_modules/n8n-workflow/dist/Workflow.js:658:19)
    at /usr/local/lib/node_modules/n8n/node_modules/n8n-core/dist/WorkflowExecute.js:631:53

Please share your workflow

Information on your n8n setup

  • n8n version: 1.4.1
  • Database (default: SQLite): postgres
  • n8n EXECUTIONS_PROCESS setting (default: own, main): default
  • Running n8n via (Docker, npm, n8n cloud, desktop app): docker
  • Operating system: ubuntu

Hey @pavvel,

That is interesting it looks like we do follow the Mautic docs for the OAuth, I did wonder if maybe the URL for the token had changed but that seems to be correct.

Which version of Mautic are you using and is this something you have only noticied in 1.4.1 or was it happening in earlier versions as well?

Hi @Jon

I haven’t utilized the Mautic integration for some time, so I’m uncertain which versions are impacted. However, I first encountered this issue approximately two months ago.
Recently, I recreated the credentials from the beginning and attempted again, but unfortunately, it didn’t resolve the problem.

The version of Mautic that I’m currently using is 4.4.4.
Additionally, I have an integration with a PHP library, and it is functioning as anticipated.

Regards, Pawel.

Hi @Jon, @jan

Is there any progress on this issue?

I’ve conducted further investigations on another n8n instance running version 0.228.2, and it appears that the token refresh function operates correctly. Given that I’m using Docker, I also tested version 1.7.1 on the same server where 0.228.2 is functioning without issues, but encountered the same problem.

Upon further, very detailed, investigation, I’ve discovered that the token refresh function was operational up to version 1.1.0. The first Docker version where the problem surfaced is 1.1.1.

So there is probably a bug here:

To clarify, in versions up to and including 1.1.0, the token refresh feature worked as expected. However, starting from version 1.1.1, the feature ceased to function properly. This issue persists in subsequent versions, including 1.4.1 … 1.7.1.
During the token’s validity period, all requests to the Mautic API are successful. But once the primary token expires, I’m consistently met with a 403 error and must manually refresh the token using the credentials GUI.

Regards, Pawel.

1 Like

Hey @pavvel,

That is some good work there, The only change I can see between those versions was for the self signed cert tweak. I have just set up Mautic 4.4.9 locally and configured OAuth and set up a test workflow that will run every hour to create a company and a contact, Hopefully I will be able to reproduce this by the end of the day and we can work on getting this fixed.

1 Like

Hi @Jon

In the configuration panel (/s/config/edit), you have the option to alter the access token’s lifetime to, say, one minute.

This way, you won’t have to wait hours to test it. Just ensure you reauthorize initially so that the old token becomes invalid and a new one-minute token is generated.

Regards, Pawel.

Hey @pavvel,

That looks handy, I left it at the default 60 minutes for the access token and it has been working all day so far with no issues.

Let me try with setting the access token to 1 minute and the workflow to every 5 to see if that changes anything.

Alright new credential authed and have confirmed the 1 minute life.

Workflow for testing is currently…

I will be back shortly with results.

Hey @pavvel,

It has been a while but for some reason this is working as expected for me.

One of the differences I am aware of is that I am running 1.8.0 but I am not aware of anything that could fix the issue. Out of interest are you using HTTPS for your Mautic instance and is it using a signed cert or self signed?

I also attempted with version 1.8.0.
Here’s what it appears like on my end:

The green ones are just after reauthentication, and it fails a minute later.
Is there a way I can debug n8n?

Yes, I’m using HTTPS. It’s behind Cloudflare and the certificate is also from Cloudflare.

Additionally, I plan to test with another instance of Mautic.

Hey @pavvel,

You could try setting the debug log option or a better option might to be use the http request node with the mautic credential and set it to full response and see if anything appears.

For my set up I am using Cloudflare for DNS but that is it. If I DM you some test credentials and a URL did you want to have a go with my local install to see if you have the same issue?

Sure we can try.

I’ve finally identified the discrepancy in the Mautic configuration that’s leading to this divergent behaviour.

Upon utilizing the HTTP node, I was able to view the returned message body.

I activated Basic Auth in the Mautic configuration, and now the refresh function is operational.

However, I’m puzzled as to why Basic Auth needs to be enabled to establish a connection using OAuth2, particularly since it functioned prior to version 1.1.1.

Hey @pavvel,

I would need to check but I don’t think we have changed anything in the Mautic node for a while but… This could be related to an issue with OAuth where we are still sending the header when oauth is configured to use Body.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.