laravel-gmail icon indicating copy to clipboard operation
laravel-gmail copied to clipboard

Published 20 hours ago verified publisher icon dacastro4

refresh_token missing

Open i-polaris opened this issue 2 years ago • 4 comments

Hello guys,

I'm facing to one issue with the refesh token, btw i check my gmail-json.json and inside i have the access_token but i didn't have the refresh_token which create some issues

my allow_multiple_credentials is false,

does anyone met this issue before ?

Best

i-polaris avatar Jan 04 '23 04:01 i-polaris

Ok btw i found why after google search :)

https://stackoverflow.com/questions/10827920/not-receiving-google-oauth-refresh-token

The refresh_token is only provided on the first authorization from the user. Subsequent authorizations, such as the kind you make while testing an OAuth2 integration, will not return the refresh_token again. :)

Go to the page showing Apps with access to your account: https://myaccount.google.com/u/0/permissions. Under the Third-party apps menu, choose your app. Click Remove access and then click Ok to confirm The next OAuth2 request you make will return a refresh_token (providing that it also includes the 'access_type=offline' query parameter. Alternatively, you can add the query parameters prompt=consent&access_type=offline to the OAuth redirect (see Google's OAuth 2.0 for Web Server Applications page).

This will prompt the user to authorize the application again and will always return a refresh_token.

i-polaris avatar Jan 04 '23 04:01 i-polaris

@i-polaris you are a life saver!!!

dokicro avatar Oct 16 '23 09:10 dokicro

Ok btw i found why after google search :)

https://stackoverflow.com/questions/10827920/not-receiving-google-oauth-refresh-token

The refresh_token is only provided on the first authorization from the user. Subsequent authorizations, such as the kind you make while testing an OAuth2 integration, will not return the refresh_token again. :)

Go to the page showing Apps with access to your account: https://myaccount.google.com/u/0/permissions. Under the Third-party apps menu, choose your app. Click Remove access and then click Ok to confirm The next OAuth2 request you make will return a refresh_token (providing that it also includes the 'access_type=offline' query parameter. Alternatively, you can add the query parameters prompt=consent&access_type=offline to the OAuth redirect (see Google's OAuth 2.0 for Web Server Applications page).

This will prompt the user to authorize the application again and will always return a refresh_token.

you are genius thanks

zhelinskyy avatar Nov 11 '23 21:11 zhelinskyy