Auto OAuth Refresh

Fresh access tokens on every request. Rotation handled — including the providers that rotate refresh tokens too.

Auto OAuth Refresh

OAuth access tokens expire. Some providers — Microsoft Graph, GoHighLevel — also rotate the refresh token on every use. Miss one rotation and the integration is dead until someone reconnects.

MCP Factory handles all of it.

What gets refreshed

  • Google OAuth: Ads, Search Console, Gmail, Calendar, Drive, Sheets
  • Microsoft Graph: OneNote, Outlook, Teams, OneDrive
  • GoHighLevel: company tokens + per-location token exchange
  • Any provider with a standard OAuth 2.0 refresh flow

The rotation-token problem

Microsoft and GHL invalidate the refresh token after it’s used. If two MCP servers try to refresh the same token at once, one wins and the other locks you out. MCP Factory serializes refresh per-credential and writes the new refresh token back to the vault atomically — so the next request gets the latest token, every time.

Endpoint contract

Your MCP server calls one endpoint:

GET /api/credentials/google/{service}/token

It returns a fresh access token. That’s it. No client secret in your env, no refresh logic in your code.

Start Free Trial

Ready to get started?

Start your free trial today. No credit card required.

Start Free Trial Book a Demo
Try MCP Factory free — self-host or hosted
Start Free Trial →