Google API Refresh Token Expiring [duplicate]

Question

I read here that A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days. Does this mean that despite calling the refresh function from within Python, one must manually relogin every 7 days? Am I interpreting this correctly? Or is it possible to automate this such that a new Refresh token is issued for 7 more days all within the code?

I am making this project just for myself, so I see no reason to publish it (I want to keep it in testing), but I need the credentials to never expire (so that my intervention is never required after I generate the first token). Any help is appreciated!

Answer 1

Yes you understand well, so the token expires after 7 days, but pay attention, only in "testing" mode. This mean that you could switch your app in "production" mode and the token won't expired.

But take a look also to another detail, even if in production you will 50 token per your Client user (client-user). Not client_id. This is mean that, for every person that log in your application you can have all of them authenticated max 50 times. Each Refresh token you receive will work. After the 50th the oldest one will stop working. On the other hand the token will works for up to 6 months I think, if it hasn't been used for 6 months it will be invalidated.

So there isn't a way to have a lifetime token, and, for security reason, is a correct approach, by the way Google itself provide an antipattetn that you can use to set a long life token, for info read google long expiration token