Different refresh tokens for the same user

Hi there.

I noticed strange behaviour. For one of the customers we get refresh token is invalid error. When he tries to reauthorize, it works fine for several hours/day and then the error occurs again (for the new refresh token).

I noticed that we get two different refresh tokens, so:

  1. token A works
  2. token A stops working, user reauthorizes, we get token B
  3. token B works for some time
  4. token B stops working but token A works

I can share with you details (company id, client id, refresh tokens) to looks closer at this issue.

That issue was caused by the fact that we have 2 apps and we were overwriting OAuth tokens for one app with tokens for another app.

1 Like