Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid refresh tokens after apppool recycle #430

joelnotified opened this issue Aug 18, 2017 · 3 comments


None yet
3 participants
Copy link

commented Aug 18, 2017

I have password flow with refresh tokens set up according to your examples and everything works as expected when running on localhost.

When deployed to IIS, we receive a 400 Bad Request {"error":"invalid_grant","error_description":"The specified refresh token is invalid."} when trying to refresh a token after the application pool has been recycled.

I'm guessing there is something that is being held in memory regarding the refresh tokens, and that memory is dropped when the pool is recycled.

Is this the expected behaviour or should a refresh work after a recycle?


This comment has been minimized.

Copy link

commented Aug 18, 2017

Hi @joelnotified,

When deploying your app to IIS, you must configure Data Protection to ensure it uses a persisted key ring. See for more information.


This comment has been minimized.

Copy link

commented Aug 21, 2017

That did the trick. Thank you! Haven't read up on .NET Core enough I guess.


This comment has been minimized.

Copy link

commented Oct 2, 2018

If you stumble across this issue, various solutions can be found here:

Running this shell script for every AppPool seems to be the best solution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.