You need to sign in to do that
Don't have an account?

Problem with refresh_token
I am unable to refresh an access_token using the rest api. I am making the following POST:
POST /services/oauth2/token HTTP/1.1
Host: login.salesforce.com
Content-Type: application/x-www-form-urlencoded
grant_type=refresh_token&client_id=<cid>&client_secret=<cis>&refresh_token=<rt>
with appropriate vales for <cid>, <cis> and <rt>. I am getting a 400 error with the following values returned:
{
"error": "invalid_grant",
"error_description": "token validity expired"
}
Does anyone know what is going on? When I pass in a known invalid refresh_token I get a different error:
{
"error": "invalid_grant",
"error_description": "expired access/refresh token"
}
So, I think my refresh token is valid. I can't find any information explaining the meaning of "token validity expired". I have tried the refresh immediately after receiving the refresh_token and after waiting for a few hours. Any help would be appreciated.
Hello,
If a single user grant access to the same app multiple times, after 5 grants, older grants are being revoked by salesforce automatically, thus the previously issued refresh token are not longer valid.
Refer: https://help.salesforce.com/HTViewHelpDoc?id=remoteaccess_request_manage.htm&language=en_US
Vinita_SFDC,
I had come across the 5 grants limitation when searching for a solution to my problem. However, I am trying to use the very latest refresh_token and not an older token. As well, I checked the remote access application grants and there were less than 5 issued. When I try to use a refresh_token that I have explicitly revoked, I get the error "expired access/refresh token" and not "token validity expired".
Refresh token is valid until revoked
Above settings fixed the issue for me.