OAuth2 - newest refreshtoken not being used - waiting for token to expire?

Hi guys,

I’m using the built-in OAuth2-authentication to access a main ledger provider in Sweden. I talked to their support and they claim that my requests keep using the same refresh-token that once was issued a month ago (which is valid for 45 days) but “ignoring” the new refresh-token that is handed out everytime the access-token is being refreshed.

The newest refresh-token should be used in order not to have to manually go through the auth-process again. The key here is not to let the refresh-token expire.

Am I doing something wrong, missing a setting somewhere or what’s your thoughts?

I’d be greatful for every bit of suggestion that might lead me to a solution.
Thanks!

Selfhosted (1.76.3)
Docker

Could you show your oauth credential setup (blur/remove half of keys)?

Without knowing much else, my best suggestion is to manually store the refresh + auth token in a google sheet or database, and before every request, manually refresh and update new entries into the db. We have to do that with a few custom oauth integrations.