Support » Plugin: Postman SMTP Mailer/Email Log » Bad Request(invalid_grant)

  • Resolved CubiqSam


    Postman has been handling the Mail Delivery nicely for a long period now on a clients site.
    Yesterday there was problems with the contact form sending emails.

    The problematic emails say in the log:
    Bad Request(invalid_grant)

    We’re sending using the Gmail API (oauth). I’ve logged into the Developer API panel in google, and can’t see any errors or reasons why it might have been having problems.

    The diagnostics tools inbuilt into PostMan all seem to report with good results, and testing the form today all seems well.

    Not sure why the contact form stopped yesterday, where could I look for clues?
    Could it be the hosting environment blocked / throttled something?

    Sam Wells

Viewing 15 replies - 1 through 15 (of 18 total)
  • Plugin Author Jason Hendriks


    Hi Sam. When you request access from Google, you receive two tokens: an authorization token (expires often) and a refresh token (never expires). The authorization token allows Postman to send email. The refresh token allows Postman to get new authorization tokens.

    The request to refresh an expired auth token happens just before the email is sent, and this is where your error occurred. The invalid_grant error means Google refused to issue a new authorization token, for whatever reason.

    If this happens again please let me know and I’ll follow up with Google.


    Plugin Author Jason Hendriks


    Now I’m depressed. So much for being “reliable” 🙁


    Praise to you, it’s the best Mailer plugin I’ve come across by a long way.

    I guess the API is probably the most reliable method, but we’ve got a very active contact form on this particular site.

    Is it better then to switch to the ‘Login’ Authentication mode instead? That’s what we’ve done for the moment just to see if it helps…

    Plugin Author Jason Hendriks


    That’s a great question. Ultimately, I would still recommend OAuth over Login. I’ve seen Google’s Login auth fail periodically as well.

    Perhaps I’ll add a feature to automatically retry failed emails.

    Plugin Author Jason Hendriks


    Hi Sam, I’ve been thinking about this problem some more, and I’m wondering if you hit on a concurrency issue.

    we’ve got a very active contact form on this particular site.

    Interesting. Could you tell me, for the emails that failed, did they happen to get created at the same time? This could be a classic readers-writers problem.

    Unfortunately, even though I set the logs to 100 (as the form is so active) those problematic ones have cleared since my previous reply so I can’t check.

    I’ve also found out that just using Login Authentication isn’t a good alternative as a lot of the email logs now say:

    5.7.9 Please log in with your web browser and then try again. Learn more at 5.7.9 u193sm2983960oia.18 – gsmtp

    Obviously a separate issue, from the looks of it Google forcing a ‘you gotta log in to keep sending emails via this app’ check.

    Is is possible to suggest as a future feature a ‘try resending’ option on the ‘bulk edit’ log view? I understand that it’s probably outside of the scope of the plugin but it would be handy for when this kinda thing occurs.

    Plugin Author Jason Hendriks


    I will definitely think about that for a future feature.

    Obviously a separate issue, from the looks of it Google forcing a ‘you gotta log in to keep sending emails via this app’ check.

    I get this error all the time when I try to login using a password. It’s pretty much the reason I wrote this plugin. Google is saying “disable our extra security” (and I’m forbidden because my account is actually a Google Apps account) … “or use OAuth2”.

    Yeah we enabled (Disabled?) the allow “Less Secure Apps” option before starting so it appears it’s still triggering the lockout somehow.

    I think we will probably need to move to Mandrill or Sendgrid rapidly!

    Plugin Author Jason Hendriks


    So you get ~10 a day? More? I assume for now you’ve gone back to OAuth2? Please send me a screenshot of the log screen if the invalid grant error happens again, I’d like to see the timing of the emails.

    That’s right I’ve switched it back to Oauth just to help alleviate this particular problem.

    I’m more than happy to provide a login to the site in question if you’d like to get in there and take a proper look?

    The volumes are significant, I wasn’t aware they would be quite as high as they are. It’s a good stress test for your plugin, that’s for sure!

    Plugin Author Jason Hendriks


    An update.. v1.6.12 now saves the data needed to resend a message for messages that fail. Still have to implement the resend interface for the user.

    That’s really good progress already.
    Thanks for looking into the feature.

    Plugin Author Jason Hendriks


    To v1.6.13 I’ve added file-based locking to make sure that two emails can not try to refresh the token at the exact same time. it’s the only thing I can think of that would make Postman the cause of an invalid grant failure.

    If you’re running on Linux everything is already to go, the temp dir is set as /tmp. If you’re running on Windows, you will have to put in the correct path in Manually Configure -> Advanced.

    Still working on the resend UI!

    I am facing error in accessing token for a authorized user having error “Invalid Grant”.

    OAUTH2 “Invalid Grant” with a new ClientID, google has changed the way Client ID is created.

    Plugin Author Jason Hendriks


    @gogoel would you be more specific? I’m not sure what the problem you’re having is.

Viewing 15 replies - 1 through 15 (of 18 total)
  • The topic ‘Bad Request(invalid_grant)’ is closed to new replies.