Refresh token occasionally got invalidated
828 views
Skip to first unread message
Gavin
Feb 19, 2020, 3:53:52 PM2/19/20
to AdWords API and Google Ads API Forum
Hello,
We have been using refresh token to access ads entities. However, we recently notice that there are several times when the refresh token got invalidated. Below are two types of message that we got when we try to call AdsOAuthProvider::RefreshAccessToken(). Based on the fact that we have been using the same refresh token, we think the token was somehow invalidated.
Can you please help to check:
1. What do the two types of error message mean? In which scenario do they show up?
2. Is there a way to check the root cause of the invalidated token (assuming that the token was invalidated)? If so, what information do you need to start the investigation?
Thanks,
Gavin
Exception: Google.Api.Ads.Common.Lib.AdsOAuthException: Failed to refresh access token. ---> System.AggregateException: One or more errors occurred. ---> Google.Apis.Auth.OAuth2.Responses.TokenResponseException: Error:"invalid_grant", Description:"Token has been expired or revoked.", Uri:""
at Google.Apis.Auth.OAuth2.Requests.TokenRequestExtenstions.<ExecuteAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<RefreshTokenAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.UserCredential.<RefreshTokenAsync>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<RefreshTokenAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<GetAccessTokenForRequestAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.GetAccessTokenForAuthorizationCodeFlow()
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
--- End of inner exception stack trace ---
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
at Google.Apis.Auth.OAuth2.Requests.TokenRequestExtenstions.<ExecuteAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<RefreshTokenAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.UserCredential.<RefreshTokenAsync>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<RefreshTokenAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<GetAccessTokenForRequestAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.GetAccessTokenForAuthorizationCodeFlow()
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
--- End of inner exception stack trace ---
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
Couldn't get fresh tokens. AdWordsSessionId: ff414e42-ce47-472e-9937-d0f27321aeab, Exception: Google.Api.Ads.Common.Lib.AdsOAuthException: Failed to refresh access token. ---> System.AggregateException: One or more errors occurred. ---> Google.Apis.Auth.OAuth2.Responses.TokenResponseException: Error:"invalid_grant", Description:"Bad Request", Uri:""
at Google.Apis.Auth.OAuth2.Requests.TokenRequestExtenstions.<ExecuteAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<RefreshTokenAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.UserCredential.<RefreshTokenAsync>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<RefreshTokenAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<GetAccessTokenForRequestAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.GetAccessTokenForAuthorizationCodeFlow()
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
--- End of inner exception stack trace ---
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
at Google.Apis.Auth.OAuth2.Requests.TokenRequestExtenstions.<ExecuteAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<FetchTokenAsync>d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.Flows.AuthorizationCodeFlow.<RefreshTokenAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.UserCredential.<RefreshTokenAsync>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<RefreshTokenAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.TokenRefreshManager.<GetAccessTokenForRequestAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.GetAccessTokenForAuthorizationCodeFlow()
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
--- End of inner exception stack trace ---
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RefreshAccessTokenInOfflineMode()
Google Ads API Forum Advisor Prod
Feb 20, 2020, 4:47:37 PM2/20/20
to gms1...@gmail.com, adwor...@googlegroups.com
Hi Gavin,
Thank you for reaching out to us. I see you’re encountering a Token expiration error. The first error looks to be an error with the access token not being refreshed and the refresh token not refreshing the access token. The second error looks like the refresh token is not correctly refreshing the access token, possibly due to using an incorrect token. In this case, could you follow these steps to re-obtain a new set of refresh and access tokens and see if that corrects the error? Could I also ask if you are using a Service account? Service accounts are a little trickier to set up OAuth credentials for, and the same functionality can be achieved by using OAuth2 Installed Application Flow, which will always persist the refresh token. Please let me know if you have further questions or concerns.
Thank you,
Bryan, Google Ads API Team
ref:_00D1U1174p._5001UV1eGg:ref
Gavin
Feb 21, 2020, 1:43:49 PM2/21/20
to AdWords API and Google Ads API Forum
Hello, Bryan,
Thank you for your reply. Based on the link you share, I don't think the account we are dealing with is using Service Account. We are doing exactly what is described as "Installed application" in this link. We first get the access token and refresh token, which involves human authorization. Once we have the refresh token, we store it and later we obtain new access token, which is fully automated. This set of logic has been working for most of our accounts except the one I mentioned in my original email.
The issue is that, for this particular account, the refresh token seems to become invalid after a few times of use. Getting a new set of access token and refresh token through human authorization flow always solves the problem, temporarily. However, we want to root cause the issue as we don't want to involve human authorization once in a while. Is there a way to check why the refresh token becomes bad?
Thanks,
Gavin
Google Ads API Forum Advisor Prod
Feb 21, 2020, 4:55:56 PM2/21/20
to gms1...@gmail.com, adwor...@googlegroups.com
Hi Gavin,
Could you provide me with your SOAP request and response logs where this error occurs, so that I can further troubleshoot this issue? For privacy concerns, you can reply to me by clicking “Reply privately to author”.
Rajasekhar Tatikonda
Jul 15, 2020, 11:27:15 AM7/15/20
to AdWords API and Google Ads API Forum
Is this resolved. I'm facing the same issue
Google Ads API Forum Advisor Prod
Jul 15, 2020, 2:42:22 PM7/15/20
to rajase...@gmail.com, adwor...@googlegroups.com
Hi Rajasekhar,
Thank you for reaching out to us. Could you further elaborate on your issue, and provide us with the request and response logs for where you're encountering this error? For security concerns, you can reply to us by using the "reply privately to author" button.
Thank you,
Bryan, Google Ads API Team
ref:_00D1U1174p._5001UV1eGg:ref
Reply all
Reply to author
Forward
0 new messages