Google API: refresh tokens suddenly stopped working ("invalid_grant")

Question

All accesses (a dozen) stopped working returning the error "invalid_grant".

I have revoked the application access for one of the user, got a new one, and this access is now working again with a new refresh token.

I wonder what might have happened? I doubt all users changed their password (I read that this can revoked access) and refresh tokens don't have an expire limite.

Everything was working fine until now.

Answer 1

Refresh tokens should not expire if a user changes there password. That is kind of the point with a refresh token.

Refresh tokens can expire if

1. the refresh token hasn't been used for six months to get a new access token.
2. if the user in question revokes access via their Google Account.
3. To many refresh tokens. When a user authenticate your application you get a refresh token associated with your project and said user. If the user authenticates your application again you get another refresh token both will work. You can keep doing this until you reach the magic number of 25 at which time the first refresh token will automatically expire.

Number three could be your problem if you are not ensuring that you are always saving the most resent refresh token. Or if your users have multiple versions of your application running.

If you are having an issues with all of your users I think the problem could be that, Invalid grant can also be the result of Your server’s clock is not in sync with NTP.