Lifetime of a refresh token

[Hao Li]

Hello, 

We are using OAuth2.0 to pull reports from Adwords. We wonder if a refresh token is always valid after it is granted. If not, in what kind of conditions a refresh token become invalid? Thanks.

[Nadine Sundquist (AdWords API Team)]

Hi,

Our OAuth 2.0 Authentication guide provides information on access and refresh tokens. An OAuth 2.0 refresh token does not expire. Refresh tokens are valid until the user revokes access.

Regards,

Nadine, AdWords API Team

[Hao Li]

Thanks for replying. The reason I asked this question is we met the error "AuthorizationError.USER_PERMISSION_DENIED" when using access tokens to pull reports from AW. It is weird, because it worked before. After we got and used a new refresh token, the error is gone. Hence, we suspect somehow the old refresh token is void. We want to know its root cause so that it can be avoided in future. Can you help us to find the root cause? 

BTW, can you explain how user revokes access? 

[Nadine Sundquist (AdWords API Team)]

Good day,

I'm not able to determine the root cause. Check out this page on revoking a token.

Best,

Nadine, AdWords API Team

[Lajpat Bishnoi]

Adding to Nadine response
A token might stop working for one of these reasons:
1) The user has revoked access.
2) The token has not been used for six months.
3) The user account has exceeded a certain number of token requests. There is currently a 25-token limit per Google user account. If a user account has 25 valid tokens, the next authentication request succeeds, but quietly invalidates the oldest outstanding token without any user-visible warning. 

Please correct me if i am wrong.