Quick question about generating a long-lived API token for our CI/CD pipeline. Attempting to automate Data Action configuration updates via the REST API remains my goal. Standard access token expiration causes deployment jobs to fail midway. The refresh token mechanism rejects my client credentials grant request. I require a token surviving the full pipeline execution duration.
Problem
Why does the response omit the refresh token? My curl request includes the offline_access scope explicitly. I suspect the scope definition might be malformed. The documentation mentions offline_access but does not clarify interaction with client_credentials. My OpenTelemetry spans show the request completes successfully, yet the token lifecycle management fails downstream.
Steps to Reproduce
- Create OAuth app with
offline_accessscope. - POST to
/api/v2/oauth/tokenwithgrant_type=client_credentials. - Parse JSON response.
- Observe missing
refresh_tokenfield.
Code Snippet
curl -X POST https://api.mypurecloud.com/api/v2/oauth/token \
-d "client_id=MY_ID&client_secret=MY_SECRET&grant_type=client_credentials&scope=offline_access data_actions:read"
Response returns 200 OK but payload lacks refresh token.
Question
Is client_credentials grant type incompatible with refresh tokens in this platform? Should I switch to authorization_code for a headless service account?