The grant was issued for another authorization server & how long do refresh tokens last?

Hi,

I’m trying to implement the Authorization Flow via Python(https://developer.okta.com/authentication-guide/implementing-authentication/auth-code/#_1-setting-up-your-application)

I believe I’m almost at the finish line. I’m running into an issue when trying to use the Authorization Code I’m getting this error:

{"error":"invalid_request","error_description":"The grant was issued for another authorization server."}

Can anyone let me know how to trouble shoot this?

In case anyone else runs into this. This will occur if you didn’t use default in your authorize URL but did in your token url

Now that I’m passed that. In the instructions for using refresh tokens

It mentions getting a new Access Refresh Token Pair do I need to update my refresh token each time I get a new access token?

Hi @mkwyche

No, you don’t need to update your refresh token. It will keep the same value and lifetime that is set under the policy of the authorization server (Admin >> (Security) >> API >> Authorization Servers >> default >> Access Policies >> policy >> policy rule).

If the refresh token expires, then you would need to do a request to Okta to get a new one.

1 Like

@dragos Thanks for the reply.