Skip to main content
Solved

Issue with Refresh Token Not Updating on Expiration via OAuth Endpoint

  • 14 February 2024
  • 1 reply
  • 64 views

Forum|alt.badge.img

Hi,

We've encountered an issue with the expiration of the refresh token. According to the documentation, refresh tokens are valid for 6 months.

The documentation states:

> Repeat this process as necessary, ensuring you use the refresh token at least once before its 6-month expiration to obtain a new set of credentials without having to restart the OAuth process from step one.

However, when we use the `POST https://app.frontapp.com/oauth/token` endpoint to obtain a new pair of access and refresh tokens, we indeed receive a new valid access token (extended for 1 hour), but the refresh token remains unchanged, including its expiration.

As a result, we are unable to update the refresh token. How can we resolve this issue?

I am testing with the following refresh token:
- Issued At: 1699617655 (11/10/2023, 2:00:55 PM)
- Expiration Time: 1715342455 (5/10/2024, 3:00:55 PM)

And I received the same token back from the `POST https://app.frontapp.com/oauth/token` endpoint.

Best answer by evano

Hi Vlad,

Thanks for letting us know about the gap in documentation; I’ll be sure to get that updated as soon as possible!

Refresh tokens expire after 182 days.  24 hours prior to expiry, a request to the oauth/token endpoint will return a new refresh token.

I hope that helps!

View original
Did this topic help you find an answer to your question?

1 reply

Forum|alt.badge.img+5
  • Fronteer
  • 32 replies
  • Answer
  • February 14, 2024

Hi Vlad,

Thanks for letting us know about the gap in documentation; I’ll be sure to get that updated as soon as possible!

Refresh tokens expire after 182 days.  24 hours prior to expiry, a request to the oauth/token endpoint will return a new refresh token.

I hope that helps!


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings