Troubleshooting disconnected OAuth integrations in Airtable

Why does Airtable revoke integrations?

At times, you may encounter scenarios where a third-party OAuth integration has been revoked by Airtable. When this occurs, you will receive an email with the following message:

This article will help explain why this occurs and what to do when an integration is revoked.

Third-party tools are able to use OAuth to allow end users to grant access to their Airtable bases and data. Airtable has various security measures in place for OAuth integrations to help keep end-user data safe. If a given third party violates one of these security measures in their OAuth setup, Airtable will automatically revoke the integration and no longer allow access to the data to ensure it is protected.

What to do if you are an end user of the integration?

We first recommend attempting to reauthorize the integration to see if the issue persists. You'll need to use the authorization UI provided by the integration (please reach out to the integration’s support team or review their help documentation if you’re unsure where to find the Airtable authorization “flow”), Please note that the OAuth misconfiguration on the Integration’s side could cause this to occur again in the future until they fix the underlying issue.

If reauthorizing the integration doesn't resolve this issue, please reach out to the third-party integration's support to let them know of the issue. They can then reach out to Airtable support directly and work with us to determine the issue with their OAuth integration setup.

What to do if you are the developer of the integration?

The most common reason for revocations is when a refresh token is used in a request, and that request is rejected by the server (e.g. we return a response code of 400 or 401). This error message usually occurs when making refresh requests with refresh tokens that are no longer valid. A refresh token stops being valid after:

• 60 days since the issuance of the token.

• The token has been used successfully to refresh a token (upon which, new tokens are issued).

• You attempted to refresh a token, but the server responded with a 400 or 401 response code.

Please also note with your OAuth Integration setup:

• If the OAuth application retries a refresh request using an old token after the grace period for duplicate refreshes expires, the token is revoked.

• If an OAuth application sends the wrong credentials with a request (e.g. after rotating a client secret) access will be revoked.

Please check your OAuth setup regarding the above and adjust accordingly. 

Support interaction guidance

If you are an end user, it is not necessary to reach out to Airtable support, but rather, we advise you to reach out to the third-party's support team, since OAuth integrations are built and maintained by the third party. If the third party is unable to resolve the issue, they can reach out to Airtable support directly for further help.

For developers, if the guidance above has not helped to resolve your issue, then feel free to reach out to our support team. Please include your OAuth integration client ID (note, not the client secret as this is sensitive) when you submit the request.