Renew tokens #849

ihor-monochkov-enverus · 2025-07-24T08:29:57Z

ihor-monochkov-enverus
Jul 24, 2025

I have both access_token and refresh_token expired. But credentialsManager.hasValidCredentials returns true, which means my session is still valid and I can call credentialsManager.awaitCredentials.

Doc says:

Check credentials existence: There are cases were you just want to check if a user session is still valid (i.e. to know if you should present the login screen or the main screen). For convenience, we include a hasValidCredentials method that can let you know in advance if a non-expired token is available without making an additional network call.

hasValidCredentials checks only for refreshToken == null here, but it does not check whether refresh_token exists, but invalid.

Result: when app starts I check hasValidCredentials -> it returns true -> I call credentialsManager.awaitCredentials -> it throws CredentialManagerException with code=invalid_grant and description=Unknown or invalid refresh token.

From what I understand, it is impossible to check whether refresh_token is still valid before actually renew credentials, right? This means you cannot check whether refresh_token is invalid in hasValidCredentials function. That's why we have to handle code=invalid_grant when trying to get credentials using awaitCredentials.
Is it correct? Or can you maybe somehow check whether refresh_token is already expired in hasValidCredentials function?

Answered by pmathew92

Jul 24, 2025

Hi @ihor-monochkov-enverus , You are right . Has validCredentials doesn't has any option to check if the refresh token has expired or not . The only way to check if the refresh token has expired or not is via making the network call to renew the credentials and handling the invalid_grant code. You can also increase the lifetime of your refresh_token from the application settings in your dashboard. Let me know if you need any more support

View full answer

pmathew92 · 2025-07-24T09:01:38Z

pmathew92
Jul 24, 2025
Collaborator

Hi @ihor-monochkov-enverus , You are right . Has validCredentials doesn't has any option to check if the refresh token has expired or not . The only way to check if the refresh token has expired or not is via making the network call to renew the credentials and handling the invalid_grant code. You can also increase the lifetime of your refresh_token from the application settings in your dashboard. Let me know if you need any more support

3 replies

ihor-monochkov-enverus Jul 24, 2025
Author

Got it. Thanks!

ihor-monochkov-enverus Jul 24, 2025
Author

@pmathew92 Maybe you can modify doc somehow, because this sentence (There are cases were you just want to check if a user session is still valid (i.e. to know if you should present the login screen or the main screen). is not actually valid if both refresh_token and access_token are expired. Because right now it is a bit confused.

pmathew92 Jul 24, 2025
Collaborator

Hi @ihor-monochkov-enverus , Thank you for pointing it out. I will make the required changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Renew tokens #849

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment 3 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Renew tokens #849

Uh oh!

Uh oh!

ihor-monochkov-enverus Jul 24, 2025

Replies: 1 comment · 3 replies

Uh oh!

pmathew92 Jul 24, 2025 Collaborator

Uh oh!

ihor-monochkov-enverus Jul 24, 2025 Author

Uh oh!

ihor-monochkov-enverus Jul 24, 2025 Author

Uh oh!

pmathew92 Jul 24, 2025 Collaborator

ihor-monochkov-enverus
Jul 24, 2025

Replies: 1 comment 3 replies

pmathew92
Jul 24, 2025
Collaborator

ihor-monochkov-enverus Jul 24, 2025
Author

ihor-monochkov-enverus Jul 24, 2025
Author

pmathew92 Jul 24, 2025
Collaborator