Question

Zap Turned OFF after Token Expiry

  • 28 April 2021
  • 1 reply
  • 34 views

Userlevel 1

Hello,

I’m experiencing problems with a Zap, that I’ve created to test our integration.

We are integrating our solutions in Zapier so that our users can make their own zaps.

 

We’re using Oauth2 flows, and everything seems to be fine, the zaps are working after the user connects their account. The issues I’m facing is the following:

After some time (10 hours in our case), the refresh token expires for real, like it can’t request new access token based on the refresh token and our identity provider is replying with a 400 Bad Request, since the refresh token is not good anymore. That triggers consecvent 400s which in the end, trigger the zap to be turned off.

Since this is my first integration I might not understood exactly how things work, but isn’t this something expected with Oauth2? I feel like it’s normal, based on the configs of the auth server, to have the tokens expired after a while. I was expecting the user to receive a “Please reconnect your account” pop-up/email/notification, but apparently the user is getting an email with the entire stack trace of the error.

I’m probably not doing something right in the checkStaleCredentials method. Here is the method:

const checkStaleCredentials = (response, z, bundle) => {  if (bundle.authData.refresh_token) {    if (response.status === 401) {      throw new z.errors.RefreshAuthError(); // ask for a refresh & retry    }  }  return response;};

 

While in the period that the refresh token is still valid, everything works smoothly. After the token is expired, I have the normal refreshToken request and then I receive a new valid token and so on, for 10 hours (in our case). But after that, it starts to break the zap, turn it off and the user gets an email with the entire stack trace and saying that something might be wrong with the set-up of the Zap.

 

Thank you in advance!


1 reply

Userlevel 6
Badge +9

Hey there, sorry for such a delayed response. Did you find a solution yet?

If so I’d love to hear what you learned, and what might help others who end up with a similar issue.

If you’re still troubleshooting… the first thing that’s coming to mind is when you do the refresh token flow, is the provider returning a new, different refresh token? And are you reassigning the new refresh token in the authData object when you get the result back from your refreshAccessToken? example.  Shot in the dark. I’ll bet you’ve looked at that already, but it feels like that would explain the behavior.  

In that same vein it’d be interesting to inspect those tokens themselves to see if they’re being issued properly by the provider - do you get a new one on refresh, and is the expiry time set correctly? etc. 

Reply