Αυτός ο ιστότοπος θα έχει περιορισμένη λειτουργικότητα, όσο εκτελούμε εργασίες συντήρησης για να βελτιώσουμε την εμπειρία σας. Αν ένα άρθρο δεν επιλύει το ζήτημά σας και θέλετε να κάνετε μια ερώτηση, η κοινότητα υποστήριξής μας είναι έτοιμη να σας βοηθήσει στο Twitter (@FirefoxSupport) και στο Reddit (/r/firefox).

Αναζήτηση στην υποστήριξη

Προσοχή στις απάτες! Δεν θα σας ζητήσουμε ποτέ να καλέσετε ή να στείλετε μήνυμα σε κάποιον αριθμό τηλεφώνου ή να μοιραστείτε προσωπικά δεδομένα. Αναφέρετε τυχόν ύποπτη δραστηριότητα μέσω της επιλογής «Αναφορά κατάχρησης».

Μάθετε περισσότερα

Why does Thunderbird OAUTH2 token expire every 6 months?

  • 6 απαντήσεις
  • 0 έχουν αυτό το πρόβλημα
  • 1 προβολή
  • Τελευταία απάντηση από Matt

more options

I thought Thunderbird was supposed to manage and automatically renew OAUTH2 tokens once they'd been set up correctly (or use tokens that don't expire). This doesn't seem to be working for me. According to my TB log, the tokens seem to automatically expire every 6 months. And because there are separate tokens for sending and receiving, every time the tokens expire, I have to re-authenticate twice on each of my mail accounts.


Is the 6 month expiration a feature of the OAUTH2 protocol. Is token expiration a Thunderbird feature or a bug? I'm using a Google Workspace/Gsuite (aka gmail). Is the forced token expiration a gmail feature?

Is there any way to disable or lengthen the OAUTH2 token expiration period?

I thought Thunderbird was supposed to manage and automatically renew OAUTH2 tokens once they'd been set up correctly (or use tokens that don't expire). This doesn't seem to be working for me. According to my TB log, the tokens seem to automatically expire every 6 months. And because there are separate tokens for sending and receiving, every time the tokens expire, I have to re-authenticate twice on each of my mail accounts. Is the 6 month expiration a feature of the OAUTH2 protocol. Is token expiration a Thunderbird feature or a bug? I'm using a Google Workspace/Gsuite (aka gmail). Is the forced token expiration a gmail feature? Is there any way to disable or lengthen the OAUTH2 token expiration period?

Τροποποιήθηκε στις από το χρήστη bruceadler

Όλες οι απαντήσεις (6)

more options

I forgot to mention that it's a POP3 email account (not sure if that matters).

more options

bruceadler said

I'm using a Google Workspace/Gsuite (aka gmail). Is the forced token expiration a gmail feature? Is there any way to disable or lengthen the OAUTH2 token expiration period?

It would seem so https://www.google.com/search?client=firefox-b-1-d&q=forced+token+expiration+oauth+

6 months seems reasonable to me.

more options

That's an optional feature of Apigee. So far I haven't yet seen anything which says Gmail implements an expiration of its refresh tokens.

more options

https://developers.google.com/identity/protocols/oauth2 The google documentation leads me to think the settings are in the administrator purview when using workspace. I have never has to re =-authenticate my free google account in Thunderbird on a timed basis, but I have not changed the password either. THat apparently immediately invalidates the token.

more options

I'm absolutely positive the password didn't change. The old password still works just fine.

Checking the Gsuite/Workspace admin pages was the first thing I thought of. I've been all over the Gsuite/Workspace admin pages and couldn't find anything that would allow me to disable or change the OAuth2 Refresh expiration time. There is is an admin page to revoke authorization from a device (ie log out a device), and another to revoke an app permission. But I'm certain I didn't revoke any permissions via the admin pages.

In fact, one of my computers running Thunderbird POP3 on the same account was logged in more recently (5/20/22 versus 4/12/22) and it kept on functioning without having to re-authorize via a google login.

more options

I have no idea. Perhaps antivirus? They tend to do all sorts of SSL/TLS certificate substitution and generally mess up communications in the vain attempt to scan encrypted traffic.

The link I provided lists a number of causes, as well as a link to the admin console information.