I am having issues with the Oauth2 set up. I Have a quickbooks Online link that is working with out issues, and a Nocodb set up that is also working with out issues, and a few others, but this custom one is not refreshing and giving me issues. Ive read through a few of the other posts regarding token refreshing and i cant seem to find anything magic bullet that would help here. hopefully i did not miss anything.
When i click connect, it opens up and connects properly, but when i close the window it shows me this screen, as if it didnt work.
When i use the credentials in a graphql or http request they work for the hour the token is active, but once the hour is up, the tokens do not refresh and i get the error message 401, unauthorized, or “access token expired”. Problem is the flow continues going with this error as the output so it seems like its working even though its not.
I am a beginner when it comes to this stuff, so thank you in advance to anyone that can help!
@Ludwig - I am also having issues with oauth2 where our JWT token works for an hour then expires and doesn’t refresh. Is there a setting in n8n to have it look for the refresh token early or try to refresh the token before it expires?
The API I’m using is an internal one but supposedly the JWT tokens expire after an hour and the refresh tokens last 30 days.
There is no setting, as long as the server returns a 401 response we should be using the refresh token to get a new valid token for auth.
Can you make sure your refresh url is correct and that your service returns a 401 and also try using the 1.54 release of n8n to see if that changes anything.
Hey @Jon is it possible to check if the Oauth2 API credential type is taking the newest refresh token when a new access token is refreshed?
From my end, this is how our API authentication is coded:
Access token has a TTL of 24 hours
Refresh token has a TTL of 30 days
What I noticed is that every 30 days my workflows breaks and I need to reconnect every API client.
This kinda tells me the Oauth2 API credential type is only saving the refresh token the first time you connect and hence it keeps using it until the TTL is valid, and not updating both the new access token and refresh token once a new access token is provisioned, in this case every 24h.
n8n version is 1.44.1 running on the Community Edition
At the moment I know other OAuth credentials are ok like Google so this sounds specific to this service at the moment.
When an expired token is used does your API return a 401 status or something else? We don’t check inside a JWT to see what the expiration is and we rely on the service returning the status code we expect.
We don’t have a way to output the requests for oauth for security reasons, The best you could do is export the credential decrypted and see if it has changed but it will only change when we get the response we expect. I have seen services use a 400 response and even a 200 response when authentication fails which can cause an issue.
