Using Refresh Token Exception {"error": "invalid_grant"} '

Question

Using Refresh Token Exception {"error": "invalid_grant"} '

I have successfully created an application that retrieves the access token and updates.

In my script, I check if the access token is valid, and if not, I use the update token to access $client->refreshToken($refreshToken);

Full code

  $refreshToken = '<REFRESH_TOKEN>'; $client_id = '<CLIENT_ID>'; $client_secret = '<CLIENT_SECRET>'; // Setup infomation $client = new Google_Client(); $client->setClientId($client_id); $client->setClientSecret($client_secret); $client->setAccessType("offline"); $client->addScope("https://mail.google.com/"); // If access token is not valid use refresh token if($client->isAccessTokenExpired()) { // Use refresh token $client->refreshToken($refreshToken); } else { // Use access token echo $client->setAccessToken($accessToken); }

However, when I try to use the update token, I get excpetion:

 Fatal error: Uncaught exception 'Google_Auth_Exception' with message 'Error refreshing the OAuth2 token, message: '{ "error" : "invalid_grant" }''

+7

token gmail-api

Jack trowbridge Nov 03 '14 at 21:58

source share

6 answers

laander · Answer 1 · 2016-07-18T10:30:36+0000

In the OAuth2 specifier, "invalid_grant" is a kind of error for all errors associated with invalid / expired / canceled tokens (grant or update token).

There are many potential causes for problems, here is a checklist:

Server clock / time not synchronized.
Not allowed for offline access
Throttled by google
Using expired update tokens
User is inactive for 6 months.
Use work agent email instead of customer id
Too many access tokens in a short time
The client SDK may be outdated.
Invalid / incomplete update token
User actively revoked access to our application
User has reset / reset his Google password

I wrote a short article that outlines each element with some debugging instructions to help find the culprit. We spent days hunting for it, hope it can help others turn these days into hours.

SGC · Answer 2 · 2014-11-07T00:59:46+0000

The reason for the “Invalid Grant” error can be caused by the fact that the update token is not working. This may be due to the fact that when the number of update tokens exceeds the limit, old tokens become invalid. If the application tries to use an invalid update token, an invalid_grant error response is returned. Here is the link for more documentation.

Wonder jun bae · Answer 3 · 2015-05-28T19:04:53+0000

"invalid_grent" can be caused by a token with an expired / invalid update. In my case, he had extra space at the end.

DRQ · Answer 4 · 2015-11-05T02:03:01+0000

As you all know, the error can be caused by two reasons:

Update token is no longer valid
Refreshing the token is not the case - perhaps some characters are hidden, which the code somehow adds.

I had this problem before (same error message) and it turned out that my update token had expired.

Nguyễn Kim Chung · Answer 5 · 2017-07-12T08:55:23+0000

my problems is authorization_code only for exchanging access token, you cannot reuse it. just update authorization_code to get a new access token

Charlie martin · Answer 6 · 2017-10-18T22:06:37+0000

Google now has a dedicated page in its API manual for this error, which says that there are only 2 reasons for this ...

Your server’s clock does not synchronize with the network time protocol - NTP .
Update token limit exceeded.

The limit for each unique pair of OAuth 2.0 clients and a Google Analytics account is 25 update tokens. If the application continues to request update tokens for the same Client / Account pair, after the 26th token is issued, the first update token that was previously issued will become invalid.

Using Refresh Token Exception {"error": "invalid_grant"} '

More articles: