How to Reset Client Secret Without Manual Intervention

Question

Currently I'm using the steps outlined here: https://developers.google.com/gmail/api/quickstart/python in order to use the gmail API. However, on a weekly basis my token expires and I have to reset the secret, delete the token pickle file and re-download the credentials json.

I am looking for a way to reset the secret without manual intervention. Is this possible?

For some more detail, the code fails when it sees the credentials are expired and it tries to refresh:

if not creds or not creds.valid:
    if creds and creds.expired and creds.refresh_token:
        creds.refresh(Request())
    else:
        flow = InstalledAppFlow.from_client_secrets_file('credentials.json', SCOPES)
        creds = flow.run_local_server(port=0)

Error received: google.auth.exceptions.RefreshError: ('invalid_client: Unauthorized', {'error': 'invalid_client', 'error_description': 'Unauthorized'})

Which is when I normally would go to the API Console->reset the secret->download json file->delete token.pickle and then re-run.

I haven't tried any other api methods yet. Most things I have found when searching involve getting credentials, but not resetting the secret. If there is an api methodology for this already I haven't seen it.

Answer 1

how to reset secret

There is no way to programmatically create a new credentials.json file, this must be done manually by the developer

Your real issue.

The issue you are having is that your application is still in the testing phase. Application sin the testing phase have their refresh tokens expired after seven days

To fix this simply set your application to production in google cloud console on the oauth2 consent screen.

If you check the documentation for expiration it states

A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days.