What are the possible reasons that can cause token to become expired (besides having the user un-authorising the app)?
My problem is that I have an app with several thousands of users, all API communication works perfectly but for some users I am getting the invalid or expired token
error, my initial though was that they are users who canceled the authentication to the app but I've contacted some of them and they haven't revoked the access.
Any ideas what other issues can cause that error?
Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.
These tokens do not expire but can be revoked by the user at any time. Twitter allows you to obtain user access tokens through the 3-legged OAuth flow, which allows your application to obtain an access token and access token secret by redirecting a user to Twitter and having them authorize your application.
Generating access tokensLogin to your Twitter account on developer.twitter.com. Navigate to the Twitter app dashboard and open the Twitter app for which you would like to generate access tokens. Navigate to the "Keys and Tokens" page. Select 'Create' under the "Access token & access token secret" section.
The “Invalid Token” message indicates that a link has either been used previously, or has expired. To generate a new link, reset your password again through the main login screen. If you continue to have trouble, ensure you are referencing the most current Password Reset link.
Check the integrity of an access token at any time by calling the GET account/verify_credentials while using that access token.
Its mentioned and by research I came to know that:
Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.
Why is my twitter oauth access token invalid / expired ?
Check this post: invalid / expired access tokens.
There is one post in google groups that says:
You don't get a second chance, and this is by design. OAuth requests have a unique signature; once a particular request is submitted, it can't be submitted again. If they enter the pin correctly, all is well, you get an access token. If they enter the pin wrong, you get 401 Unauthorized - which is expected. But if they then try again to enter the pin, even the correct pin shows as unauthorized.
Check this link for the above reference.
Some suggestions by twitter employee for the same problem:
I guess there are two things I would suggest at this point: 1.) Go to your application settings and use the "Reset keys" tab to reset your consumer key and secret, then update those values in the app and verify that you still see the same behavior. 2.) Try passing oauth_callback in your request_token call. Honestly I don't think this will make a difference, but I want to try and be as rigorous as I can here.
Also check this discussion saying:
You need to use the oauth_token and oauth_token_secret returned from the oauth/access_token call instead of the one in your app's settings in dev.twitter.com
I was getting same error then I changed (access_token) to (access_token_key)
and it worked for me.
I hope it will help someone.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With