"Refresh token not valid"
Problem reported by Somo IT - Today at 3:55 AM
Submitted
Hello

I want to develop an integration with the smartermail API and im testing the authentication and refresh tokens.

Authentication works good but there is no way to make refresh tokens work.  Its a clean testing installation of smartermail via docker-compose. Admin, domain and testing user newly created, but:

$ curl -s -X POST hxxp://192.168.100.100:8080/api/v1/auth/authenticate-user -H "Content-Type: application/json" -d '{"username":"test@mydomain.com","password":"mypassword"}'

{"emailAddress":"test@mydomain.com","changePasswordNeeded":false,"passwordExpired":false,"displayWelcomeWizard":true,"isAdmin":false,"isDomainAdmin":false,"isLicensed":true,"isClusterAdmin":false,"autoLoginToken":"","autoLoginUrl":"","localeId":"en","requirements":null,"suppressIdsTick":false,"isImpersonating":false,"canViewPasswords":false,"accessToken":"eyJhbG...CEcQ","refreshToken":"eyJhbGciOiJS...4mIfD4-Dew","accessTokenExpiration":"2026-07-16T10:47:06.9923367Z","refreshTokenExpiration":"2026-09-14T10:32:07.0000397Z","username":"test@mydomain.com","success":true,"resultCode":200}


$ curl -s -X POST hxxp://192.168.100.100:8080/api/v1/auth/refresh-token -H "Content-Type: application/json" -d "{\"token\":\"eyJhbGciOiJS...4mIfD4-Dew\"}"
{"isImpersonating":false,"canViewPasswords":false,"accessToken":"","refreshToken":"","accessTokenExpiration":null,"refreshTokenExpiration":null,"username":null,"success":false,"resultCode":401,"message":"Refresh token not valid"}

I have tried many times, the token is perfectly pasted (if i modify a char it returns signature validation error), i have also used the isWebmailRefresh parameter but no luck, tried two different versions of smartermail... out of ideas.

Can you help me?

Thanks in advance!!



Reply to Thread

Enter the verification text