Skip to main content

Hi community,

when i refresh the oauth token using the calendly api
url: `https://auth.calendly.com/oauth/token`
method: POST

data: 'grant_type=refresh_token&refresh_token=<refresh_token>'
 

it throws bad request error
code: 'ERR_BAD_REQUEST',
response
    data: {
      error: 'invalid_grant',
      error_description: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
    }

please help or suggest what could be the issue, we are following the api reference correctly,
this happens when token gets expired multiple times and after multiple times of refresh it throws the above error or let’s say the oauth token expired and later after when refreshing the token throws the above error
 

The most likely cause of this error is that you are trying to re-use a refresh token that has already been used. Each refresh token can be used only once, and the new token you receive contains the next refresh token.

Sometimes this type of error can be caused by race conditions in parallelized code where 2 of your processes try to use the same refresh token at almost the same time, so the first one succeeds and the second one fails. In that case you may need to add locking logic around use of the tokens.


Reply