Using OAuth refresh token is returning "invalid_grant" "Invalid refresh token"
回答済み
We have many different organizations using our integration with Box. All of them except for one obtains and uses OAuth refresh tokens, all day, every day.
One organization in particular is complaining about "losing their connection" with Box. The scenario is that the user has not used their OAuth connection in over an hour, so the OAuth token is expired; we use the refresh token to obtain a new OAuth token (and new refresh token), but the request fails with the error; "invalid_grant" "Invalid refresh token"
It hasn't been 60 days, so that's not the error (that error reports "timeout" which is not what we're seeing. It's not an attempt to use the same refresh token more than once (we've eliminated that possibility).
In other OAuth systems, I know that if the user changes his password that it will invalidate any outstanding OAuth refresh tokens. Could this be the case here? Are there any other cases in which would cause an OAuth refresh token to become invalid?
-
Hi there,
Welcome to the Box Community!
A Box Software Developer may address your query most effectively. It would be preferable for you to post your question on our new community website: https://community.box.com/
Thanks for posting!
サインインしてコメントを残してください。
コメント
1件のコメント