Linear OAuth refresh token invalid_grant — What it means & how to fix it

Integrating with Linear's API using OAuth 2.0 can lead to refresh token failures, commonly manifesting as "invalid_grant" errors, which disrupt various automated processes. These errors typically occur due to token lifecycle issues such as using expired, revoked, or stale tokens, often exacerbated by refresh token rotation practices. To address these errors, it's crucial to always use the latest refresh token, verify the correctness of refresh requests, and handle token refresh concurrency carefully. If a token issue persists, re-authorization is necessary. Preventative measures include refreshing tokens proactively, ensuring single-flight refresh operations, and monitoring for invalid_grant trends. Additionally, tools like Nango can automate the token refresh process and handle OAuth edge cases, reducing the complexity of managing token lifecycles in Linear API integrations.