Refresh Token Validity

Refresh token has 15 years validity, yet it is only one time use. Once we generate the access token using the refresh token, it gets invalidated. Any way where I can reuse it again? (I am aware that we get new refresh token when we generate access token).

Which App?
OAuth application

Additional context
Issue is in multi threaded environment, if the access token is generated by one thread(which generates new refresh token), refresh token on the other thread is invalidated. This breaks the application. (We cannot share the refresh token between threads or read it from common location).

Hey @hedaoo.abhishek1993,

Checkout these threads:

Thanks,
Tommy

Hi Tommy.

So, I would like to formally request that “token expiry tolerance” be increased for our PowerSuite Zoom application. Note that this application is multi-tenant account-level OAuth. And, it is a background service. The end user has 0
interaction with the Zoom application (other than doing the first-time authorization of our application to retrieve their Zoom data). We can’t go ask the end-user administrator to go re-authorized our Zoom application because their Zoom access token is now
invalid due to a rare (but has happened) connectivity error receiving the response from the Zoom OAuth server from a token refresh request. It looks bad for us and worse for Zoom.

Thanks,

Katy

Hey @katyle,

We are reviewing your request! (ZOOM-149706)

Thanks,
Tommy

Hi Tommy,

I am not sure what “token expiry tolerance” is?
If increased while the old refresh token be still valid after I use it to generate access token?

Hey @hedaoo.abhishek1993,

It would be valid for one missed refresh each time the tokens are regenerated.

Thanks,
Tommy

Hi Tommy,
I am new on the ZOOM and still understanding how the authorization works.

Please confirm below use case if I have understood it correctly.

(Assuming that we have increased refresh token tolerance)
R - Refresh Token, A- Access Token

  1. R1A1 - I have this on two threads, T1 and T2.
  2. A1 expires
  3. T1 requests for new token using R1. It gets R2A2.
  4. Similarly as A1 has expired,T2 also requests for new token using R1.
  5. Now that tolerance is increased, will T2 get R2A2 or R3A3? Or request will fails for T2?

Hey @hedaoo.abhishek1993, happy to help!

T2 will get R2A2.

Thanks,
Tommy