Previously working code now has an Invalid Grant error?

[Sam Pascoe]

Hi there, I woke up to try my code one morning and now have the error below:

code: 16, 

details: 'Failed to retrieve auth metadata with error: invalid_grant', 

metadata: Metadata { internalRepr: Map(0) {}, options: {} }, 

note: 'Exception occurred in retry method that was not classified as transient'

this was working perfectly the night before and I'm unsure what could have caused it. How can I fix this issue?

[Google Ads API Forum Advisor]

Hi Sam,

Thank you for reaching out to our API support team.

To help you fix this issue, could you please provide the complete request and response logs, with the request-id? If you haven't yet, logging can be enabled by navigating to the Client libraries > Your client library (ex. Java) > Logging documentation, which you can access from this link.You can provide it via Reply privately to author option. If this option is not available, you may send the details directly to our googleadsa...@google.com alias instead. Let me know if you have any questions.


Best,

Anthony Cyril Google Ads API Team

ref:_00D1U1174p._5004Q2cWRpu:ref

[Mike M]

Sam,

For some strange reason, I too also received this over the REST API for generating an Access Token from my Refresh Token. This caused the invalid_grant error for me. I'm not certain why my Refresh Token just stopped working. When it did, I followed this video with Google oAuth Playground to generate a new Refresh Token that I could use, and I really don't know how long that will last before I need to do it again. We've been using this same Refresh Token for at least a month and a half.

Watch this video: https://youtu.be/KFICa7Ngzng

[Google Ads API Forum Advisor]

Hi all,

Thank you for getting back to us. I am Sherwin from Google Ads API and I work with Anthony. I hope that you are doing well today.

@all. The invalid_grant usually occurs if the refresh token is already expired and the usual reasons are listed on this document. Add to that, a Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days. If the reason is already identified and confirmed from the list of the said document, then that is the time for a new refresh token by following the guide in the Youtube video. If the publishing status of the Google Project has been reset to "Testing", we highly suggest users to go to the Google API Console and navigate to the OAuth consent screen. Then change the publishing status to “In production” following these instructions to avoid the refresh token expiring in 7 days.

Please let us know if you have other concerns or questions, we will be happy to help.

Kind regards,

Sherwin Vincent Google Ads API Team

ref:_00D1U1174p._5004Q2cWRpu:ref

[Mike M]

I took over this project from another developer (now no longer available to us) and recoded it, switching from the SOAP API to the REST API on Google Ads API. I found his config PHP and got the IDs I needed from there and continued using them. So, about 2 months ago I was using the Client ID, Client Secret, and Refresh Tokens that he had already generated. Everything was running perfectly for 2 months until the Refresh Token just expired for no reason at all. The doc you reference -- https://developers.google.com/identity/protocols/oauth2#expiration -- we checked each and every item mentioned there on why our Refresh Token may have expired and found no correlation. I found that the previous developer generated one with the Desktop app off of Github. I decided to create a new oAuth Client and set it as a Web Application instead. Then, I used the oAuth Playground to generate another Refresh ID. I then grabbed this new Client ID, Client Secret, and Refresh ID, and plugged it into my config PHP file, and sure enough I was generating access tokens again just fine and my offline conversions were working fine again.

We're just wondering how come the Refresh Token expired? How come the documentation didn't explain our particular case on why it expired? And I'm not certain because I don't have the previous developer to interact with on this, but will a Refresh Token last for, say, 2 years or more? Or, is there a limit (undocumented) on when that Refresh Token will finally expire?

[Google Ads API Forum Advisor]

Hi Mike,
 

Thank you for getting back to us. I work with Sherwin and allow me to assist you here. I hope you are doing well today.

To answer your concerns and questions in general, I'm afraid that concerns related to refresh token expiration is already outside of our team's expertise. We recommend that you reach out to the Console Team via this link instead.
 

Also, I recommend posting your concern here, this was also included inside the support link that I provided. This is a public forum which is dedicated to Oauth2 and refresh token related questions. I hope this helps.

Regards,

Darwin Google Ads API Team

ref:_00D1U1174p._5004Q2cWRpu:ref