Title: Bad Request(invalid_grant) Last modified: August 24, 2016 --- # Bad Request(invalid_grant) * Resolved [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/) * Postman has been handling the Mail Delivery nicely for a long period now on a clients site. Yesterday there was problems with the contact form sending emails. * The problematic emails say in the log: Bad Request(invalid_grant) * We’re sending using the Gmail API (oauth). I’ve logged into the Developer API panel in google, and can’t see any errors or reasons why it might have been having problems. * The diagnostics tools inbuilt into PostMan all seem to report with good results, and testing the form today all seems well. * Not sure why the contact form stopped yesterday, where could I look for clues? Could it be the hosting environment blocked / throttled something? * Thanks, Sam Wells * [https://wordpress.org/plugins/postman-smtp/](https://wordpress.org/plugins/postman-smtp/) Viewing 15 replies - 1 through 15 (of 18 total) 1 [2](https://wordpress.org/support/topic/bad-requestinvalid_grant/page/2/?output_format=md) [→](https://wordpress.org/support/topic/bad-requestinvalid_grant/page/2/?output_format=md) * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149110) * Hi Sam. When you request access from Google, you receive two tokens: an authorization token (expires often) and a refresh token (never expires). The authorization token allows Postman to send email. The refresh token allows Postman to get new authorization tokens. * The request to refresh an expired auth token happens just before the email is sent, and this is where your error occurred. The invalid_grant error means Google refused to issue a new authorization token, for whatever reason. * If this happens again please let me know and I’ll follow up with Google. * Jason * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149126) * Now I’m depressed. So much for being “reliable” 🙁 * !! * Thread Starter [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149130) * Praise to you, it’s the best Mailer plugin I’ve come across by a long way. * I guess the API is probably the most reliable method, but we’ve got a very active contact form on this particular site. * Is it better then to switch to the ‘Login’ Authentication mode instead? That’s what we’ve done for the moment just to see if it helps… * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149142) * That’s a great question. Ultimately, I would still recommend OAuth over Login. I’ve seen Google’s Login auth fail periodically as well. * Perhaps I’ll add a feature to automatically retry failed emails. * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149279) * Hi Sam, I’ve been thinking about this problem some more, and I’m wondering if you hit on a concurrency issue. * > we’ve got a very active contact form on this particular site. * Interesting. Could you tell me, for the emails that failed, did they happen to get created _at the same time_? This could be a classic [readers-writers problem](http://en.wikipedia.org/wiki/Readers–writers_problem). * Thread Starter [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149282) * Unfortunately, even though I set the logs to 100 (as the form is so active) those problematic ones have cleared since my previous reply so I can’t check. * I’ve also found out that just using Login Authentication isn’t a good alternative as a lot of the email logs now say: * > 5.7.9 Please log in with your web browser and then try again. Learn more at > 5.7.9 [https://support.google.com/mail/bin/answer.py?answer=78754](https://support.google.com/mail/bin/answer.py?answer=78754) > u193sm2983960oia.18 – gsmtp * Obviously a separate issue, from the looks of it Google forcing a ‘you gotta log in to keep sending emails via this app’ check. * Is is possible to suggest as a future feature a ‘try resending’ option on the‘ bulk edit’ log view? I understand that it’s probably outside of the scope of the plugin but it would be handy for when this kinda thing occurs. * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149284) * I will definitely think about that for a future feature. * > Obviously a separate issue, from the looks of it Google forcing a ‘you gotta > log in to keep sending emails via this app’ check. * I get this error all the time when I try to login using a password. It’s pretty much the reason I wrote this plugin. Google is saying “disable our extra security”( and I’m forbidden because my account is actually a Google Apps account) … “or use OAuth2”. * [http://googleappsdeveloper.blogspot.no/2014/10/updates-on-authentication-for-gmail.html](http://googleappsdeveloper.blogspot.no/2014/10/updates-on-authentication-for-gmail.html) * Thread Starter [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149285) * Yeah we enabled (Disabled?) the allow “Less Secure Apps” option before starting so it appears it’s still triggering the lockout somehow. * I think we will probably need to move to Mandrill or Sendgrid rapidly! * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149286) * So you get ~10 a day? More? I assume for now you’ve gone back to OAuth2? Please send me a screenshot of the log screen if the invalid grant error happens again, I’d like to see the timing of the emails. * [http://www.codingmonkey.ca/contact/](http://www.codingmonkey.ca/contact/) * Thread Starter [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149287) * That’s right I’ve switched it back to Oauth just to help alleviate this particular problem. * I’m more than happy to provide a login to the site in question if you’d like to get in there and take a proper look? * The volumes are significant, I wasn’t aware they would be quite as high as they are. It’s a good stress test for your plugin, that’s for sure! * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149306) * An update.. v1.6.12 now saves the data needed to resend a message for messages that fail. Still have to implement the resend interface for the user. * Thread Starter [CubiqSam](https://wordpress.org/support/users/cubiqsam/) * (@cubiqsam) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149312) * That’s really good progress already. Thanks for looking into the feature. * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [11 years ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149317) * To v1.6.13 I’ve added file-based locking to make sure that two emails can not try to refresh the token at the exact same time. it’s the only thing I can think of that would make Postman the cause of an invalid grant failure. * If you’re running on Linux everything is already to go, the temp dir is set as/ tmp. If you’re running on Windows, you will have to put in the correct path in Manually Configure -> Advanced. * Still working on the resend UI! * [gogoel](https://wordpress.org/support/users/gogoel/) * (@gogoel) * [10 years, 7 months ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149373) * Hi, I am facing error in accessing token for a authorized user having error “ Invalid Grant”. * OAUTH2 “Invalid Grant” with a new ClientID, google has changed the way Client ID is created. * Plugin Author [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * (@jasonhendriks) * [10 years, 7 months ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/#post-6149374) * [@gogoel](https://wordpress.org/support/users/gogoel/) would you be more specific? I’m not sure what the problem you’re having is. Viewing 15 replies - 1 through 15 (of 18 total) 1 [2](https://wordpress.org/support/topic/bad-requestinvalid_grant/page/2/?output_format=md) [→](https://wordpress.org/support/topic/bad-requestinvalid_grant/page/2/?output_format=md) The topic ‘Bad Request(invalid_grant)’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/postman-smtp_7c7b78.svg) * [Postman SMTP Mailer/Email Log](https://wordpress.org/plugins/postman-smtp/) * [Frequently Asked Questions](https://wordpress.org/plugins/postman-smtp/#faq) * [Support Threads](https://wordpress.org/support/plugin/postman-smtp/) * [Active Topics](https://wordpress.org/support/plugin/postman-smtp/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/postman-smtp/unresolved/) * [Reviews](https://wordpress.org/support/plugin/postman-smtp/reviews/) ## Tags * [invalid_grant](https://wordpress.org/support/topic-tag/invalid_grant/) * 18 replies * 3 participants * Last reply from: [Jason Hendriks](https://wordpress.org/support/users/jasonhendriks/) * Last activity: [10 years, 7 months ago](https://wordpress.org/support/topic/bad-requestinvalid_grant/page/2/#post-6149377) * Status: resolved