Shared Access Tokens (OAuth)

I wanted to confirm some behaviour we are observing with an OAuth flow.

Let’s assume we have a single Pipedrive Account shared between two people (Wrong, I know, but I want to consider the development side of this) and they are using this Pipedrive Account to OAuth to the same third-party application.

If those two same people go through an OAuth flow and each receives access and refresh tokens, does the issuing of the second token pair one cancel out the first?

In other words, is each Pipedrive account only permitted one access and refresh token pair per application?


If I understand you correctly, yes, each User could only use 1 access and refresh token pair per app. You could only separate the 2 via different Users (as they would just cancel out each other otherwise).