From 7aac78f3a4c10192686eaf30fd4226c831b892d0 Mon Sep 17 00:00:00 2001 From: Paul Huliganga Date: Thu, 16 Apr 2026 12:35:17 -0400 Subject: [PATCH] docs: document Adobe Sign non-standard refresh token endpoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adobe Sign uses /oauth/v2/refresh (not /oauth/v2/token) for token refresh — a deviation from the OAuth2 spec that caused all refresh attempts to fail with a misleading "Invalid grant_type" error. Co-Authored-By: Claude Sonnet 4.6 --- tests/PLATFORM-QUIRKS.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/PLATFORM-QUIRKS.md b/tests/PLATFORM-QUIRKS.md index d849007..3f1fd6c 100644 --- a/tests/PLATFORM-QUIRKS.md +++ b/tests/PLATFORM-QUIRKS.md @@ -19,6 +19,18 @@ editor after upload. ## Adobe Sign API Quirks +### Token refresh uses a separate endpoint `/oauth/v2/refresh` (2026-04-16) +**Symptom:** Calling the standard OAuth2 token endpoint (`/oauth/v2/token`) with +`grant_type=refresh_token` returns `{"error":"invalid_request","error_description": +"Invalid grant_type refresh_token"}` — even with a valid, freshly-issued refresh token. +**Root cause:** Adobe Sign uses a non-standard separate endpoint for token refresh: +`/oauth/v2/refresh` (not `/oauth/v2/token`). This differs from the OAuth2 spec and +virtually all other OAuth2 providers. +**Fix applied:** `adobe_api.py` now uses `REFRESH_URL = .../oauth/v2/refresh` for +refresh requests and `TOKEN_URL = .../oauth/v2/token` only for the initial auth code +exchange. +**Note:** `redirect_uri` is not required in the refresh request and should be omitted. + ### Company/Title contentType returned with `SIGNER_` prefix (2026-04-15) **Symptom:** When Company and Title fields are set via the Adobe Sign UI (the API rejects `COMPANY`/`TITLE` as contentType values), the API returns them as