Question

Zapier not support refreshing refresh tokens in the OAuth flow?

  • 15 April 2024
  • 1 reply
  • 60 views

It seems like a Zapier doesn’t fully implement the OAuth 2 flow, in regards to updating the refresh token. So the refresh token has to essentially live forever or you have to force customers to periodically update the refresh token?

 

We’re returning the refresh_token in the auth token refresh request as specified in the OAuth standards but Zapier doesn’t actually use the refres_token in a subsequent response. Can anyone confirm if Zapier supports refreshing the refresh token in perhaps some other way without user interaction?

 

   An example successful response:

     HTTP/1.1 200 OK
     Content-Type: application/json;charset=UTF-8
     Cache-Control: no-store
     Pragma: no-cache

     {
       "access_token":"2YotnFZFEjr1zCsicMWpAA",
       "token_type":"example",
       "expires_in":3600,
       "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
       "example_parameter":"example_value"
     }

 


1 reply

Userlevel 2
Badge +2

Hi @Code Monkey ,

Zapier supports refreshing the access token in the OAuth flow. If the access token is not being automatically refreshed when it expires, take a look at the refresh token request code and ensure that everything is properly set up. Ensure that the following are set in the request code:

  • The refresh token is being sent in the body of the request (`bundle.authData.refresh_token`)
  • The correct grant_type has been specified
  • The URL/endpoint to refresh the token has been provided and is correct
  • The correct request method is specified

If all these have been confirmed and the issue still persists, then I would suggest that you reach out to our Developer Support team via https://developer.zapier.com/contact so that they can look further into the code.

Hope this helps,

Reply