Authorization Errors with Apps Script Execution API

A web form was built using the Google Apps Script Execution API and it would only be using to users who have successfully authenticated using their Gmail / Google Apps account. The form data would go into a Google Spreadsheet but, in some case, when the user would submit the form, the script would throw an error.

Authorization is required to perform that action.

This is puzzling because the user has already authenticated through Google OAuth 2.0 and the error is not consistent either. The error 401 Invalid Credentials suggest that the OAuth access token you’re using with the project is either expired or invalid.

The auth token provided by Google automatically expires in one hour. Thus if a person has authenticated the form but leave it unattended for more than an hour, the token would automatically expire and the Google API would return an error saying that authorization is required.

An easy workaround would be to auto refresh the token every 45 minutes. This can be done by calling gapi.auth.authorize with the client ID, the scope and immediate:true as parameters.

// OAuth Token expires every hour, 
// so refresh every 45 minutes

window.setInterval(refreshOAuthToken, 1000*60*45);

function refreshOAuthToken() {
    'client_id': CLIENT_ID,
    'scope': SCOPES,
    'immediate': true
  }, function(r) {
    console.log("OAuth Token Refreshed");

You can go to the Chrome developer’s console and use the expires_at field to know how much time is left before the token will expire.

new Date(gapi.auth.getToken().expires_at * 1000)

Call refreshOAuthToken() and the expires_at field with advance by 60 minutes.