We're making a change to howscopeswork with refresh tokens when an app is reauthorized for an account that already has the app connected.
What's changing?
When a user reauthorizes an app that is already connected, scopes that are no longer selected for the app in its auth settings will be removed from therefresh token.
This will only happen if the scope has been completely removed from the auth settings. Scopes that are still set in the auth settings that were already authorized by the app will remain on the refresh token.
Why is this changing?
Along with the new advanced scope settings, this change is designed to make sure that the scope settings for the app represent all of the possible permissions and scopes that an app has access to. This change will help remove unused scopes from existing installs.
When is this happening?
This change will be enforced on new authorizations beginning onAugust 26for any apps that have enabled advanced scope groups. We strongly recommend enabling this option and testing your scopes beforeadvanced scope group settings are required for all apps.
This will only affect new reauthorizations going forward. No existing refresh tokens or access tokens will be changed without going through the authorization process.
Please let us know if you have any questions by replying below.