Getting same refresh token | Community
Skip to main content
K
Kumar1
June 6, 2022
Solved

Getting same refresh token

  • June 6, 2022
  • 1 reply
  • 3098 views

We are trying to get new refresh_token and access_token using existing refresh_token. Every time it returns the same refresh_token but less validity left. After sometime refresh_token will be not valid anymore.

Can someone suggest how to generate new refresh_token with more validity.

 

Note :- We have scheduled job which runs every 12hrs to generate new refresh_token and access_token using existing refresh_token

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by tmj

@tmj We are using Adobe Analytics API's and I don't think it support offline_scope.


Yep - that's true. The Analytics API does not support offline_access scope yet. So your app would not be able to refresh access tokens for more than 14 days and would need the user to log in again. 

1 reply

tmj
Adobe Employee
tmjAdobe Employee
Adobe Employee
June 6, 2022

Hi @kumar1 

 

Did you create your project recently (to be exact: did you add the OAuth credential recently to your project)?

If not, I'd recommend deleting the current OAuth credential from your project and re-adding the API to get a new OAuth credential. We have made a host of improvements to refresh tokens in the new credential which avoids problems like the one you are seeing. 

 

Let me know if this still does not work for you.

Happy to help

Thanks,
Manik

K
Kumar1Author
June 6, 2022

Hi Manik,

 

I created the new project and used newly generated OAuth credentials to fetch fresh set of access_token and refresh_token but it is still repeatedly returning the same refresh_token .

tmj
Adobe Employee
tmjAdobe Employee
Adobe Employee
June 8, 2022

@kumar1 I checked with our internal team - that is not a problem - we reuse the same refresh token for 7 days (as it expires in 14 days). Post 7 days, our OAuth servers will return you a new refresh token. So the effect to watch out for is not whether refresh tokens are same or not, but whether your app is able to refresh access tokens indefinitely. 

 

Also, one thing probably worth verifying is whether your API has the offline access scope available. To do this, go to your project on the Developer Console, on the sidenav pick the OAuth credential you are using and then click on the scopes tab to see the list of scopes added to your client id. 

 

Let me know if this still does not work for you. 

Happy to help.

    Terms & ConditionsAccessibility statement

    Loading footer...