Skip to main content

Automatic token refresh

Nango automatically refreshes OAuth access tokens before they expire. You don’t need to implement any refresh logic in your application. To prevent token revocation due to inactivity (some APIs revoke unused refresh tokens), Nango refreshes each access token at least once every 24 hours.

Handling refresh failures

Token refresh can fail for various reasons:
  • The user revoked access in the external application
  • The external API revoked the refresh token
  • The external API experienced an outage
When a refresh fails, Nango can notify your app via webhook so you can prompt the user to reconnect.

Best practices

Revoked access tokens and refresh failures happen to all integrations. To handle them gracefully:
  1. Monitor for failures: Set up webhooks from Nango to receive notifications when token refresh fails
  2. Handle revoked tokens: Follow our guide on handling revoked access tokens
  3. Implement re-authentication: Make sure you have the re-authentication flow in place so users can easily reconnect broken connections
Questions, problems, feedback? Please reach out in the Slack community.