I know a few circumstances where an Refresh Token expires, or becomes invalid:
1. Your software revoked the token <https://developers.google.com/identity/protocols/oauth2/native-app#tokenrevoke>. In other words, your software has a Logout function and that was successfully called. 2. That user went to his Google account settings, Security, and then Manage third party access (direct link <https://myaccount.google.com/permissions>). He saw your OAuth2 client (here called "third party app", clicked on it, and then clicked "Remove Access". 3. The Refresh token expired because it was not used in six months. By usage, it means obtaining an access token using that particular Refresh token. 4. The user granted your OAuth2 client over 50 times access, without logging out in between. For instance, you have a web application storing the refresh token in a cookie, and the user destroys his cookies every now and when. Because of that, he has to log in because the old tokens were never revoked. Now, if you also use that same OAuth2 client in an app, then at one point the refresh token for that app will become invalid. 5. The most likely reason: the requested OAuth2 scope was not limited to adwords, it also contained one or more gmail scopes. In that case, when a user changes his password, all refreshtokens with a gmail scope become invalid. Reasons 2 to 5 are documented at the Google OAuth2 docs <https://developers.google.com/identity/protocols/oauth2#expiration>. A few years ago I noticed that the last reason was incomplete. You get the same behaviour if a Google Analytics scope is included. I am not sure if this is still the case, this behaviour has never been officially documented. When you do get to the bottom of it, please post your findings! On Friday, April 10, 2020 at 10:28:18 PM UTC+2, adsapiforumadvisor wrote: > > Hi Petro, > > As mentioned in this > <https://developers.google.com/adwords/api/docs/guides/authentication#an_alternative_to_service_accounts> > documentation, > refresh tokens do not expire. In order for me to further investigate what > has caused your issue, kindly provide your client customer ID and complete > detailed request and response logs. Please ensure that you *"Reply > privately to author" *when providing this information, > > Thanks, > Danica Calusin, Google Ads API Team > > ref:_00D1U1174p._5001UZXKqw:ref > -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog: https://googleadsdeveloper.blogspot.com/ =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/c257d3f9-594e-47a1-9316-00bcd5143018%40googlegroups.com.