I’m puzzled by your implementation of token refresh (https://pipedrive.readme.io/docs/marketplace-oauth-authorization#section-step-7-refreshing-the-tokens):
- The goal of a refresh_token is to request a new access_token when the previous access_token is (nearly) expired.
- However, it seems like you also rotate the refresh_token and invalidate the earlier refresh_token. (“A new refresh token will be issued in the response.”)
This is both unneeded (that’s why you have 2 tokens in OAuth instead of just 1 access_token) and very uncommon (e.g. Google, Facebook, Twitter, … all have long-lived refresh_tokens for good reason).
This causes Marketplace integrations to be very brittle – you only need 1 error (e.g. a 500 error in your API, an error in token handling code, …) to ‘break the token chain’ and effectively require the end-user to go through the approval flow again.
Can you explain the rationale behind this, or am I misinterpreting something?
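The “broken token chain” in the post is easiest to see with a small model. The code below is an added example, not code from the post or from Pipedrive: `RotatingAuthServer` is a constructed stand-in for any authorization server that invalidates a refresh token the moment it is used, `demo_naive` shows how a second worker (or a retry) holding a copy of the old refresh token breaks the chain, and `SerializedClient` shows the client-side mitigation of serialising refreshes per installation and storing the new refresh token before handing out the new access token, so a caller that queued behind a refresh reuses its result instead of spending the old token. All names and token formats are assumptions of the example.

```python
"""Added example (not code from the post or from Pipedrive): a model of
refresh-token rotation and a client that keeps the token chain intact when
two callers notice the same expired access token."""
import secrets
import threading


class RotatingAuthServer:
    """Constructed stand-in for an OAuth authorization server that rotates
    refresh tokens: presenting a refresh token invalidates it and a new one
    is issued alongside the new access token."""

    def __init__(self):
        self._valid_refresh = set()
        self.refresh_calls = 0  # how often /oauth/token?grant_type=refresh_token was hit

    def authorize(self):
        """Initial grant, as if the end-user had just completed the approval flow."""
        return self._issue()

    def refresh(self, refresh_token):
        self.refresh_calls += 1
        if refresh_token not in self._valid_refresh:
            # Old or already-consumed refresh token: the chain is broken and
            # only a new end-user approval can restore access.
            raise PermissionError("invalid_grant")
        self._valid_refresh.discard(refresh_token)
        return self._issue()

    def _issue(self):
        tokens = {"access_token": secrets.token_urlsafe(12),
                  "refresh_token": secrets.token_urlsafe(12)}
        self._valid_refresh.add(tokens["refresh_token"])
        return tokens


class SerializedClient:
    """One refresh at a time per installation. The new refresh token is stored
    before the access token is returned, and a caller that waited behind a
    refresh is given that refresh's result instead of re-presenting the
    (now invalid) old refresh token."""

    def __init__(self, server, tokens):
        self.server = server
        self.tokens = dict(tokens)  # stands in for the per-installation DB row
        self._lock = threading.Lock()

    def refresh(self, seen_access_token):
        with self._lock:
            if self.tokens["access_token"] != seen_access_token:
                # Another caller already rotated: reuse its result.
                return self.tokens["access_token"]
            new_tokens = self.server.refresh(self.tokens["refresh_token"])
            # Persist first: the new refresh_token is the only remaining link.
            self.tokens = new_tokens
            return new_tokens["access_token"]


def demo_naive(server):
    """Two workers each hold a copy of the same refresh token. The second
    request (or a retry of the first) is rejected: the chain is broken."""
    tokens = server.authorize()
    stale = tokens["refresh_token"]   # copy held by a second worker / a retry
    server.refresh(stale)             # first worker rotates the token
    try:
        server.refresh(stale)         # second worker presents the old token
        return "ok"
    except PermissionError as exc:
        return str(exc)               # "invalid_grant"


def demo_serialized(server):
    """Two callers observed the same expired access token; only one server
    round-trip happens and both end up with the same fresh access token."""
    client = SerializedClient(server, server.authorize())
    expired = client.tokens["access_token"]
    first = client.refresh(expired)
    second = client.refresh(expired)  # queued caller reuses the result
    return first == second, server.refresh_calls


if __name__ == "__main__":
    print("naive:", demo_naive(RotatingAuthServer()))
    print("serialized:", demo_serialized(RotatingAuthServer()))
```

The lock and persist-before-use discipline cover the “error in token handling code” case from the post. They do not cover a response lost after the server has already rotated (the 500 case): the client then holds only a consumed refresh token, and whether that is recoverable depends on whether the server tolerates a brief reuse window, which is server policy rather than something an integration can fix on its own.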