HTTP OAuth2 Connection to Gmail and Google API fails after 60 mins due to token expiry
I am using the HTTP OAuth2 Connector to connect to Gmail and Google API to access some functionality that Workato doesn't support at the moment.
I am able to establish the connection and my recipes work fine. However, after 60 minutes from establishing a successful connection, my recipes start failing. I get this error message from my Gmail/Google API HTTP steps:
No automatic OAuth refresh available, needs user re-authorization
The reason you are experiencing this error is because the access token returned by Gmail and Google API expire after 60 minutes.
For this to work, you need to additional auth URL parameters in your connection setup. The addtional params will tell Google to return the access token WITH a refresh token. The refresh token will allow Workato to fetch a new access token whenever the previous one expires.
OAuth2 auth URL forGoogle API:
- Google API requires 1 additional param: Access type: offline (more info here)
The reason you are experiencing this error is because the access token returned by Gmail and Google API expire after 60 minutes.
For this to work, you need to additional auth URL parameters in your connection setup. The addtional params will tell Google to return the access token WITH a refresh token. The refresh token will allow Workato to fetch a new access token whenever the previous one expires.
OAuth2 auth URL forGoogle API:
- Google API requires 1 additional param: Access type: offline (more info here)
Saul Macht
HTTP OAuth2 Connection to Gmail and Google API fails after 60 mins due to token expiry
I am using the HTTP OAuth2 Connector to connect to Gmail and Google API to access some functionality that Workato doesn't support at the moment.
I am able to establish the connection and my recipes work fine. However, after 60 minutes from establishing a successful connection, my recipes start failing. I get this error message from my Gmail/Google API HTTP steps:
No automatic OAuth refresh available, needs user re-authorization
401 Unauthorized: { "error": { "errors": [ { "domain": "global", "reason": "authError", "message": "Invalid Credentials", "locationType": "header", "location": "Authorization" } ], "code": 401, "message": "Invalid Credentials" } }
What can I do to resolve this?
Hi Saul,
The reason you are experiencing this error is because the access token returned by Gmail and Google API expire after 60 minutes.
For this to work, you need to additional auth URL parameters in your connection setup. The addtional params will tell Google to return the access token WITH a refresh token. The refresh token will allow Workato to fetch a new access token whenever the previous one expires.
OAuth2 auth URL for Google API:
- Google API requires 1 additional param: Access type: offline (more info here)
https://accounts.google.com/o/oauth2/auth?scope=XXXX&response_type=code&redirect_uri=https%3A%2F%2Fwww.workato.com%2Foauth%2Fcallback&access_type=offline
OAuth2 auth URL for Gmail:
- Gmail's API requires 2 additional params, 1) Access type: offline, 2) Approval prompt: force (more info here)
https://accounts.google.com/o/oauth2/auth?response_type=code&scope=XXXX&access_type=offline&approval_prompt=force
CJ Wee
Hi Saul,
The reason you are experiencing this error is because the access token returned by Gmail and Google API expire after 60 minutes.
For this to work, you need to additional auth URL parameters in your connection setup. The addtional params will tell Google to return the access token WITH a refresh token. The refresh token will allow Workato to fetch a new access token whenever the previous one expires.
OAuth2 auth URL for Google API:
- Google API requires 1 additional param: Access type: offline (more info here)
https://accounts.google.com/o/oauth2/auth?scope=XXXX&response_type=code&redirect_uri=https%3A%2F%2Fwww.workato.com%2Foauth%2Fcallback&access_type=offline
OAuth2 auth URL for Gmail:
- Gmail's API requires 2 additional params, 1) Access type: offline, 2) Approval prompt: force (more info here)
https://accounts.google.com/o/oauth2/auth?response_type=code&scope=XXXX&access_type=offline&approval_prompt=force
2 people like this
Jeremy Farber
Saul,
Wow you had the exact same issue as me.
1 person likes this