facing Invalid Refresh Token Issue


We are accessing sugarcrm application from multiple environment using one demo instance with same client id and client secret.

The scenario is with one demo instance and same client credentials

1. On first environment , if we test connection ,will get access token a1 and refresh token r1

 On Second environment with same demo instance and same credentials if i tried to execute test connection parallely,i will receive new access token  a2 as well as new refresh token r2 

first environment received  access token a1and refresh token r1 will become invalid. 

Is this expected behaviour from sugarcrm application end. Can you please confirm?

  •   this is the expected behavior. Only 1 user can be logged in to Sugar at a time per platform. You can add additional platforms under Admin in Configure API Platforms. When you access your token, one of the parameters is "platform" use this to set a different platform per your application.

    "client_secret": "",
    "platform":"PLATFORM per application"

  • Hi Jeff,                                                                                                                                                                                            1.Can you help me to understand "use of platform"? is the only reason to avoid above conflict (parallel access)? or adding platform in access token request body is having specific reason?                                                                                                 2.Do we have any API to register custom platform?                                                                                                                    3.I found one observation that if i use "mobile" as platform in access token request body, and hit target with two access token api call one after another, previously(1st from two hits) returned access and refresh token is still remaining valid. but this behaviour i am not seeing with my new custom configured platform or any other platforms.

    Is it the way platform is defined making the difference?

    Can you provide your input to above queries? and some document to refer it


  • Hi Jeff,

    can you answer  below queries for access token api call for platform parameter

    If nothing is entered, is something defaulted by the SugarCRM authentication? Could that default cause problems later on if the value is not as expected?


    Which one should we be using for all our interaction (“base”)?



  • Hi ,

    I'd recommend you to search in SugarClub for the existing posts. 

    One of the good explanation can be found here: 

    The post is quite old therefore the links are dead already however if you replace with sugardeveloper.wordpress.com you should be able access them.

    Hope it helps.

    Tevfik Tümer
    Sr. Developer Support Engineer