Why does refresh token change when generating new access token

We have generated an access/refresh token pair based on the user OAuth code using "https://api.zoom.us/oauth/token?grant_type=authorization_code&code={code}" and are able to utilize the access token. When we look to generate a new access token using the refresh token using "https://api.zoom.us/oauth/token?grant_type=refresh_token&refresh_token={{refreshtoken}}", the refresh token seems to be updated. I thought the refresh token doesn't expire for 15 years, so why does a new value get generated every time we generate an access token?

Hi @sabraha5, the refresh token is intended to be single use for one transactional exchange of a new access token.

The OAuth process matches the client application’s requested scopes to the individual user’s permissions, allowing a valid access token to authorize the associated APIs within the expiration time of 1 hour.

The refresh token is used in verifying that the user’s permissions, client app scopes, and client app installation (user authorization) all still match, and that a new access token should be provided. This invalidates the previous access token and refresh token pair, providing a new unique pair.

Hey @michael.harrington, thank you very much for the response/feedback! Yeah, you know, maybe I am reading the documentation incorrectly when it states the refresh token is valid for 15 years. Maybe if it is not used to regenerate the access token it is valid for that long, but as you stated, once the access token is regenerated, the refresh token also gets regenerated. We have changed our logic to correctly save off the regenerated refresh token.

Hey @sabraha5,

Correct! If the access token is never refreshed, the refresh token will be available for 15 years to refresh the token.

But yes, the refresh token regenerates after each refresh. We will make this more clear in our docs! Thanks for your feedback!
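The rotation described in this thread means a client has to overwrite its stored refresh token on every refresh. The sketch below is an added example, not part of the thread and not Zoom's code: `RotatingTokenStore`, its `post` transport hook and the `FakeTokenEndpoint` stand-in are hypothetical names, and the token values are constructed.

```python
import json, os, tempfile, time

TOKEN_URL = "https://api.zoom.us/oauth/token"  # endpoint quoted in the thread

class RotatingTokenStore:
    """Keeps the current access/refresh pair on disk and replaces it on every refresh."""
    def __init__(self, path, post):
        self.path = path
        self.post = post  # hypothetical hook: post(url, params) -> dict; client auth lives there

    def load(self):
        with open(self.path) as f:
            return json.load(f)

    def _save(self, pair):
        # mkstemp creates the file 0600; os.replace swaps it in atomically, so a
        # crash never leaves a half-written file holding the only valid token.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(self.path)))
        with os.fdopen(fd, "w") as f:
            json.dump(pair, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.path)

    def refresh(self):
        old = self.load()
        resp = self.post(TOKEN_URL, {"grant_type": "refresh_token",
                                     "refresh_token": old["refresh_token"]})
        if "access_token" not in resp or "refresh_token" not in resp:
            raise RuntimeError(f"refresh rejected: {resp.get('error')}")  # stored pair untouched
        self._save({"access_token": resp["access_token"],
                    "refresh_token": resp["refresh_token"],  # the NEW one; the old is now dead
                    "expires_at": time.time() + resp.get("expires_in", 3600)})
        return resp["access_token"]

class FakeTokenEndpoint:
    """Constructed stand-in for the token endpoint: refresh tokens are single use."""
    def __init__(self, first_refresh_token):
        self.valid, self.n = first_refresh_token, 0

    def __call__(self, url, params):
        if params["refresh_token"] != self.valid:
            return {"error": "invalid_grant"}  # RFC 6749 error code, constructed response
        self.n += 1
        self.valid = f"rt-{self.n}"
        return {"access_token": f"at-{self.n}", "refresh_token": self.valid, "expires_in": 3600}
```

If several workers share one installation, serialize calls to `refresh()` behind a lock, because two concurrent refreshes with the same stored token leave one of them holding an invalidated pair.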