Timeouts on OAuth refresh token but access token still works

Hi, I am updating my access token every 29 hours, but recently noticed that it never seems to change. Tracking my OAuth function, I see time-outs on every post message, yet my old, presumably expired access tokens still work. So what’s wrong?

Hi @renepeeren, could you please tell me what kind of integration are you working with? Or are you referring to the Personal Access Token? Thanks.

Hi Ivan, I don’t think we use PATs. The reason why I am not certain is that a colleague worked on this before but left us, and I am trying to take over, still learning. I don’t have access to his account yet (which is another problem I have to solve) but in our AWS application we have refresh tokens and access tokens stored for each hub, and the application sends a request for a new token every 23 hours. So at one stage we used refresh tokens. I think there may be an option in OAuth not to use refresh tokens (true?), maybe he set that up before he left. I think it is unlikely that he set up PATs as I understand it he would have to have done that separately for all hubs we have connected to the system but as said, until I have access to his account (where presumably I can see such things) I can’t be certain. Any help greatly appreciated, although it doesn’t cause problems yet I.am slightly concerned it might at any time, and I’m not sure how long it will take me to get access to his account!

Hi, it says this post thread has been solved? Anyway, I understand now why I am still getting data (because we have not used any request yet that requires an access token) but still not why we get timeouts on the request for a new access token. I managed to get access to the Smartthings developer workspace for the relevant account (by temporary re-creating the original e-mail address and then changing it in the profile to my address). This reply is sent from that account. I went into “External Applications” (I think that is what is meant by “integration?”), I can see the App ID and Client ID and verified that that we indeed use those to get the refresh token. The address we send it to is https://auth-global.api.smartthings.com/oauth/token . Client Secret is not visible so maybe that was changed, although in that case I imagine we would still get a response, whereas we are getting a time-out. So, I suspect it does use refresh tokens and that clearly now the access and refresh tokens I have have expired but I can’t find in the workspace where I can check that, or how I can restart the process. Any help please?

Tagging @AlejandroPadilla : possible connection error

Hi @renepeeren, you can take a look into this documentation for getting information about your OAuth integrations.

Thanks Ivan, that may come in handy. I will first check all the settings in my environment, there may be a security setting or something that might not have been set up properly (although it used to work and I have not changed anything), but I first have to familiarise myself a bit more with that part of AWS. I will post here how I am getting on. From Refresh Tokens - OAuth 2.0 Simplified I understand that once the comms are working again, then given that the refresh tokens have expired, I will have to uninstall and re-install the app again for all users, there is no shortcut?

Hi @renepeeren, actually that question I’m not able to answer because is out of our scope. But, anything else feel free to ask.