Hi cwillian,
If you see: invalid_grant: Token has been expired or revoked,
it usually means Google has invalidated the refresh token (commonly after 7 days in Testing mode).
Follow these steps to resolve it:
In Google Cloud (GCP)
1. Publish your OAuth consent screen
• Move from Testing → Production to prevent refresh tokens from expiring after 7 days.
• GCP Console → APIs & Services → OAuth consent screen → Publish App.
2. Verify scopes and redirect URIs
• Must match exactly with those configured in your Nylas Connector.
3. Revoke existing access
• In your Google Account → Security → Third-party apps with account access → Manage access
• Revoke access for your app from the Google account (Google Account → Security → Third-party apps) to reset the token issuance and set a new one.
In Nylas Dashboard
1. Confirm redirect URIs and scopes match the ones in GCP.
2. Ensure your Hosted Auth request includes:access_type=offline, prompt=consent
For Testing & Debugging
• Force re-authentication after revoking access or use a new Google user.
• Inspect Nylas’ /v3/connect/token response — it should include a “refresh_token”.
• If missing, Google didn’t issue one (common when prompt=consent or access_type=offline are omitted).
After these steps, your app will be in Production, refresh tokens will persist beyond 7 days, and users won’t need to re-authenticate unless they revoke access or reset their Google account security.
Let us know if you have any questions.
