He didn’t care over the fact that his coworkers hated him, instead using his position to further his knowledge on organic beings. Gixen was slightly conceited, and possessed a vast amount of scientific and medical knowledge. He has given himself internal organs, and wears a small amount of clothing on his lower body. Instead you will get an 'Error 400' and an "invalid_grant" message.Gixen has a hunched over figure, with both mechanical and organic parts. However using the code returned from that request will not work when attempting to get a bearer token from the second URL. Note that the call to the first URL will succeed if you call it with your "Client ID" instead of your "Email address". This applies when calling both of these URL's: And despite Google's misleading naming conventions, they expect you to send the "Email address" as the value of the client_id parameter when you access their OAuth2 API's. In essence, when you add an OAuth2 Client in your Google API's console Google will give you a "Client ID" and an "Email address" (assuming you select "webapp" as your client type). !topic/google-analytics-data-export-api/4uNaJtquxCs Long story short I found that the solution described here worked for me: I ran into this same problem despite specifying the "offline" access_type in my request as per bonkydog's answer. I've written a short article summarizing each item with some debugging guidance to help find the culprit. Use service worker email instead of client ID.There doesn't seem to be any way of knowing whether the user manually revoked access (intentful) or it happened because of a password reset (side-effect).Īpart from those, there's a myriad of other potential causes that could trigger the error: On revocation, the error message follows the same rule as the case before, so you'll only get the "error_description" in the first 12 hours. In December 2015, Google changed their default behaviour so that password resets for non-Google Apps users would automatically revoke all the user's apps refresh tokens. User has reset/recovered their Google password You can check whether your app still has access at the apps permission page. It's rather misleading because you'll assume that the error message is there at all times which is not the case. “error_description” : “Token has been revoked.” Makes sense, but get this: 12 hours after revocation, Google stops sending the error message in their response:
User has actively revoked access to our app
In the OAuth2 spec, "invalid_grant" is sort of a catch-all for all errors related to invalid/expired/revoked tokens (auth grant or refresh token). Although this is an old question, it seems like many still encounter it - we spent days on end tracking this down ourselves.
0 kommentar(er)
