Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > Partner Program >

The access token is not valid on Token Renew

Started by Plate IQ Plate IQ -   in Partner Program

Hello,

We have a partner app and are having trouble renrewing the access_token on a partner app... The token works great for 30 minutes but then when trying to renew it calling the renew API I get the error

oauth_problem=token_rejected
oauth_problem_advice=The access token is not valid'

My problem is that this error is not mentioned on the errors list
https://developer.xero.com/documentation/auth-and-limits/oauth-issues

Do you know what this happens?

Thanks!
Arturo
I am also facing the same issue. Why is this happening?
I have a user who has more than 40 organizations in xero. All the tokens are expired. While trying to renew I am getting this error. How to solve this.
Thanks in advance
 

Nikin Jasani  

Hello,

It turned out it was my own error. When you call the API you get a new token and at that moment the old API becomes `not valid`... My issue was that I wasn't persisting the new token in the database so I was doing calls with the previous now invalid token. Be sure to replace the old token with the new one :D

Good luck with your problem.

Cheers
Arturo
 

Plate IQ Plate IQ  

I have just found two conditions where this can occur.

1. If two calls to our application cause a token refresh simultaneously one will fail as the token has been refreshed. I handle this by using recursion to call the refresh function again and it uses the new token.
2.If a CURL call to Xero times out Xero appears to create a new token but the token I'm storing is not updated and subsequent attempts to refresh the token get the 'the access token is not valid' message. The only way to fix this is to remove your stored token/session handle and get the client to authenticate the application in Xero again.

@Xero can you add the message to the OAuth Issues list with an explanation as to how this can occur
 

Richard Norton  

Hi everyone, thanks for raising this. I've added this potential API response to the OAuth issues page (https://developer.xero.com/documentation/auth-and-limits/oauth-issues) so it can be understood by others in the future.

Thanks for being a great community!
 

Kody OConnell (Xero Staff)