Zuora Connector – "Access Token expired for resource owner id default" Error

Issue 1: Object Store TTL Misconfiguration

Root Cause:
The Object Store TTL is lower than the refresh token lifespan. As a result, the refresh token is removed from Object Store before it can be used to generate a new access token.

Resolution:

• Confirm refresh token lifespan with the customer (based on their Zuora OAuth configuration).
• Ensure Object Store TTL is greater than refresh token lifespan.
• Recommended configuration:
  • Set expirationInterval to 90 minutes (or higher depending on token validity).
• Add buffer time (20–30 minutes) beyond access token validity.
• Ensure token lifecycle covers idle periods in production usage.

Issue 2: Misleading Error Due to Payload Formatting

Root Cause:
Zuora Connector expects PascalCase field names. Using camelCase fields can trigger OAuth-like errors instead of proper validation errors.

Resolution:

• Update Transform Message to use PascalCase fields:
  • Example: FirstName, LastName, AccountId
• Ensure all mandatory fields are included in the request payload.
• Validate payload using HTTP connector if needed.
• Enable debug logs:  com.mulesoft.connectors.zuora 

Additional Recommendations

• Always verify refresh token lifespan with the customer’s Zuora OAuth configuration.
• Ensure Object Store TTL is aligned with token lifecycle.
• Add a "Generate OAuth Token" step before first connector operation to avoid startup failures.
• Avoid using Authorization Code flow in environments where refresh tokens have very short lifespans.
• Use debug logs to distinguish real authentication failures from payload validation issues.