I’ve built an app similar to gmass.co/inbox. I'm using gmail.readonly to help check where our emails land (Inbox, Promotions, Spam, etc.) in specific Gmail accounts before launching email campaigns.
The app works perfectly when I first authenticate and connect the accounts — it fetches the emails and shows their placement correctly.
However, after 2–3 days, the OAuth tokens expire. I wanted to make them last longer, so I purchased an SSL certificate and published the app (though it hasn't been verified yet). This did extend the token lifespan slightly (around 5–10 days), but not much.
The problem began after the OAuth token started expiring for some accounts. I tried removing the expired accounts and re-authenticating them through the OAuth flow.
The issue is: some Gmail accounts reconnect just fine, while others (even though they go through the "Allow access" screen) fail to connect to the app.
I’m not sure if this inconsistency is due to something in my implementation, Google API behavior, or Gmail account-specific settings.
I tried the following:
- Removed the expired account from my app.
- Re-initiated the OAuth flow and granted access again.
- Expected the Gmail account to reconnect successfully and generate a new token.

But instead, for some accounts, the API either:
- Throws an error upon token exchange.
- Or allows the OAuth flow to complete, but still doesn’t authenticate properly.

I also tried:
- Hosting the app on HTTPS with a valid SSL certificate.
- Publishing (but not yet verifying) the app in Google Cloud Console.
Still, the issue persists for some accounts only — others work fine.