Google OAuth Tokens Refresh

​@jayqb Wow… having a production automation running for more than 1 hour. I’ve built some that run for hours for specialised tasks, but not for unattended use.

OAuth tokens have a lifespan that is defined at the host. In Google’s case, as far as I can determine, the lifespan cannot be extended past 1 hour.

https://developers.google.com/identity/sign-in/web/server-side-flow

This means your automation would have to terminate and wait for the next scheduled execution for the Control Room to get a new token. 

You *may* be able to use an unpublished API to refresh the token. Look at the Network tab of the Developer Tools when clicking the “Test Connection” button in your OAuth screen. I cannot guarantee this call will work consistently or even anytime in the future, but it could force-refresh your token. It could also redirect you to an HTTP page that requires logging into or authenticating to the Google account, so your mileage may vary. (cough… /v2/credentialvault/oauth/client/authorize… cough...)

Yeah — we actually switched from using the Client ID approach over to OAuth specifically to avoid the authorization page popping up periodically and blocking unattended runs, since that manual authorization step defeats the purpose of automation.

I had assumed that using the Disconnect and Connect actions from the Google package would handle refreshing or renewing the OAuth token automatically behind the scenes, but unfortunately it doesn’t seem to behave the way I expected or intended. The token still expires and the process ends up needing manual intervention again.

I’m also not really keen on relying on unpublished or internal APIs to force a refresh — even if it works now, it feels too fragile and likely to break without warning in the future.