We have built an app that asks for access to the YouTube API. We are not authorized yet, but are using it with our own accounts. We have the following problem: While some of our Gmail accounts grant us access, some others fail even though on their third party security settings, you can see that they have granted us access. It seems that they have removed us from their lists, even though they haven't and we know that since these are our accounts.
- Has anyone seen something like that?
- Is getting our app authorized going to solve this?
- Is there any other solution that you could offer?
Thanks for taking the time
my error message
status code: 400, response { data: { error: 'invalid_grant', error_description: 'Token has been expired or revoked.' } } }
Normally means that the refresh token you are using is no longer valid and you need to reauthenticate your user. The easiest way to test if i am right is to do just that force a reauth on the user.
causes for refresh token experation.
Refresh tokens while long lived they can expire for several reasons.
Let me try and explain number three a bit more. When a user authenticates your application you are given a refresh token. When the user authenticates your application again you are given an other refresh token. Both tokens will work as expected. You can continue this until you have up to 50 outstanding refresh tokens once you hit number 50 the first and oldest one will be expired. This is why it is important to always save new refresh tokens over the old one.