OAuth2 client credentials flow is not issuing updated tokens after expiry

  • Goal: OAuth2 with Client Credentials Flow uses new token after expiration (instead of continuing to send the expired token to my API)

  • Steps: I have tried adjusting the access token lifespan on the connection details in Retool to a shorter value, and logging out and in again (didn't expect that to work, but why not).

  • Details: Retool is successfully passing the JWT in my authorization header, but on my API side the verification of the JWT says that the expiredAt timestamp is in the past. This is using the client credentials flow, and my understanding is that Retool should just request a new token. I'm unable to find a way to refresh a token using the client credentials flow.

Hi @Daniel_Clarke!

I can't even get the client credentials flow to work at all! I think I have everything set up correctly, but I do not think the token is being set in the header. Do you mind sharing some screenshots of your API configuration?

I have some screenshots of my setup in this post: OAuth 2.0 Client Credentials Flow

For the time being, I am working around it by calling for a token refresh periodically and setting it as a variable in my header (just skipping OAuth completely).

Set my authentication token retrieval to run periodically... After it runs I save the token to a variable

Reference the variable in subsequent calls

Hey @Daniel_Clarke, if you Enable an auth verification endpoint on the resource, do you notice any difference? A 200 response from that endpoint should indicate that the token is valid; anything else should trigger the auth flow again to retrieve a new token. Let me know if that gives you any different behavior.

@Jessica_D I'll take a look at your other post now as well.

Hey @Daniel_Clarke, can you also share what IDP you are using to auth against? Thanks!
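
Added example, not part of any post in this thread and not Retool's code: the client credentials grant normally returns no refresh token, so the client re-requests a token when the cached one is close to its `exp`, which is a sturdier form of the "fetch periodically and store in a variable" workaround above. `requestToken`, the 30-second skew, and the sample token are assumptions for illustration; the token is read unverified only to schedule the re-request, and the API still does the real verification.

```javascript
// Added example: client-credentials token cache. All names are illustrative.

// Read the `exp` claim (seconds since epoch) from a JWT without verifying it.
function jwtExpiry(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  try {
    const payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
    return typeof payload.exp === "number" ? payload.exp : null;
  } catch {
    return null; // not JSON: treat as unusable
  }
}

// True when the token is missing, unparseable, or within skewSec of expiring.
function needsRefresh(token, nowSec, skewSec = 30) {
  const exp = token ? jwtExpiry(token) : null;
  return exp === null || exp - skewSec <= nowSec;
}

class ClientCredentialsCache {
  // requestToken: hypothetical async function that POSTs
  // grant_type=client_credentials to the IdP and resolves to the access token.
  constructor(requestToken, now = () => Math.floor(Date.now() / 1000)) {
    this.requestToken = requestToken;
    this.now = now;
    this.token = null;
    this.pending = null;
  }
  async getToken() {
    if (!needsRefresh(this.token, this.now())) return this.token;
    // Share one in-flight request so concurrent callers do not each hit the IdP.
    this.pending ??= this.requestToken()
      .then((t) => (this.token = t))
      .finally(() => (this.pending = null));
    return this.pending;
  }
  // Call when the API answers 401 so the next getToken() re-requests.
  invalidate() { this.token = null; }
}

// Constructed, unsigned sample token for offline use only.
function makeSampleJwt(exp) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ alg: "none" })}.${enc({ sub: "sample-client", exp })}.sig`;
}
```

Calling `invalidate()` on a 401 covers tokens the server rejects before their `exp`, for example after revocation or clock drift.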