OAuth2 API

kdarcy · December 23, 2025, 2:43pm

Describe the problem/error/question

Hi folks, does the OAuth2 API credentials type support a grant type of refresh token? If so, can someone point me to an example of how to implement / use it?

musharraf39 · December 23, 2025, 3:17pm

I had the same issue with OAuth2 in n8n a while back. What worked for me was making sure the redirect URI registered in the API application matches exactly what’s in n8n, even the trailing slash matters. Also double check you’ve got the correct scopes that the API requires because some APIs are really sensitive about that. If the problem persists try deleting the credential and creating it fresh, sometimes it’s just old cache causing issues. Another thing, look at the exact error message because it usually gives you a hint where the problem is whether it’s the client_id or secret or even the endpoints themselves. If you can share more details about which API you’re trying to connect I might be able to help more but generally these steps solved it for me.

KhemOptimal · December 23, 2025, 7:21pm

Hi @kdarcy ,

There is no credential type that supports a refresh token by itself. Looks like those oauth credentials in n8n handles the refreshing under the hood. If you need to pull out the actual access token for something like SOAP, then you can try looking at this question where I list 2 ways to go about it: Microsoft Ads API SOAP + n8n conflict - #5 by KhemOptimal

(Note; there may be a community node that you can use as well, but nothing I’ve treid.)

Khem

musharraf39 · December 23, 2025, 7:38pm

Yes, n8n’s OAuth2 API credential supports refresh tokens. Here’s how to set it up:

In your OAuth2 API credentials:

Grant Type: Select “Authorization Code”

Access Token URL: Your API’s token endpoint

Auth URL: Your API’s authorization endpoint

Scope: Required scopes from your API

Authentication: Send as “Body” (most common)

For refresh token to work:

Make sure your API returns refresh_token in the initial token response

n8n will automatically use it to refresh when access token expires

The refresh happens transparently in the background

Important settings:

✓ Use the “OAuth2 API” credential type (not Generic OAuth2)

✓ Client Authentication: “Body” or “Basic Auth Header” (check your API docs)

✓ Scope: Must include offline_access or similar if required

Common issues:

Missing offline_access scope (Google, Microsoft APIs need this)

Wrong Client Authentication method

API doesn’t support refresh tokens at all

To verify it’s working:

After connecting, wait for token to expire

The workflow should automatically refresh without re-authentication

Check execution logs to see token refresh happening

Which API are you trying to connect? Some APIs have specific requirements for refresh tokens

KhemOptimal · December 23, 2025, 7:45pm

@musharraf39 , grant type of “Authorization Code” is different from grant type of “Refresh Token”. I think OP wants the latter. See this: OAuth 2.0 Refresh Token Grant Type

Khem