On making a refresh token request, a new refresh token is generated and the old refresh token is invalidated. If the new refresh token is somehow lost, there’s no way to recover. Is it possible to make the old refresh token stay valid for a grace period after it is used in making a refresh token call?
+2Hi there
It would be nice to have something done that makes it easier to use refresh tokens without implementing a distributed lock in a serverless / multi-server environment. We’ve implemented OAuth with i.e. Salesforce and HubSpot and have been able to avoid that complexity because they don’t invalidate refresh tokens after a single use. Please consider adding a configuration option to your OAuth Apps that allow us to reuse refresh tokens. Regards.
+1Hi
https://docs.google.com/forms/d/e/1FAIpQLSenwcCuQsDUZ0agkwnzxbKQ2pyp5NMi_jyhab1W7a2Q2nxw_A/viewform
Please reach out if you have any questions!
Reply
Rich Text Editor, editor1
Editor toolbars
Press ALT 0 for help
WELCOME VISIONEERS
Login to the community
GONG CUSTOMERS & EMPLOYEES: LOGIN/REGISTER HERE
NOT A CUSTOMER? FILL OUT THE FIELDS BELOW:
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
