I am working on getting the SSO to work on my web application. I get the code and exchange it for a token. However the refresh token is null. Is there a way to make it request the refresh token at the same time or is it a separate request?
Yes i know that. The refresh token should be included with your access token. But you have to request at least one valid scope. i.e if you dont request any scopes there is no need for an refresh token so it isn’t included.
Maybe you can help with another issue i’m coming up with. Trying to pull the corp killmails I keep getting a backend 404. Made sure it is a get request function of ESI. I know for a fact there are kills so it wouldn’t be an empty table. Verified the corp ID is valid. I’m passing a refresh token as “Authorization: Bearer dfasd…oinoaisndf”.
At first glance it looks like you have two spaces after Bearer in your headers array. Not sure if that is the cause just something i noticed.
My vote to the issue is your $_SESSION['corpID'] isn’t actually resolving to anything and is making the endpoint like https://esi.tech.ccp.is/latest/corporations//killmails/recent/ which obs doesn’t exist, hence the 404.
Another tip, instead of using /latest/ use the version of the endpoint, such as /v1/ so when the definition of latest changes, your code doesn’t break.