Square access tokens are 30-day lived: refresh failures silently break ingest; must alert.
At a glance
A live alert that fires when Vortex IQ cannot refresh the Square access token for your connection. Square access tokens are short-lived (around 30 days) and are kept alive by a refresh token. If a refresh fails and is not noticed, data ingest stops silently, every other Square card goes stale while still looking plausible. This is the card that protects the trustworthiness of all the others.
| What it counts | The number of Square access-token refresh failures recorded for your connection in the last 24 hours. Sourced from the connector’s OAuth refresh attempts against Square. |
| Channel / source treatment | Connection-level, not channel-level. A token covers the whole Square merchant account, so a refresh failure affects POS, Square Online, and Square Invoices ingest at once. |
| Currency / unit | Count of refresh failures (whole number). Each row shows the connection, the failure reason returned by Square, and the timestamp. |
| Time window | RT (real time), with the alert evaluated over the last 24 hours. |
| Alert trigger | Fires when any refresh failure occurs in the last 24 hours. Because the consequence is silent data loss, the threshold is a single failure, not a count. |
| Roles | owner, engineering |
| Why it is a hero card | Token expiry is the most common silent failure mode for any OAuth connector. A stale dashboard that looks fine is more dangerous than one that is obviously broken. |
| Typical causes | The refresh token was revoked (merchant disconnected the app or changed permissions), the app credentials rotated, a Square API outage during the refresh window, or scope changes that invalidated the grant. |
Calculation
Calculated automatically from your Square Online data. See the At a glance summary above for what the metric tracks and the worked example below for a typical reading.Worked example
A US lifestyle brand on Square. One store, a Square Online storefront, and Square Invoices for wholesale. The connection has run cleanly for months until the alert fires on 14 Mar 26.| Connection | Token age at failure | Refresh attempts (24h) | Failure reason | Status |
|---|---|---|---|---|
| Square (production) | ~30 days | 3 | unauthorized (refresh token invalid) | Ingest paused |
| Square (sandbox / test) | n/a | 0 | none | Healthy |
| Refresh failures (this card) | 3 | Alerting |
- The dashboard did not look broken before the alert. Every Square card kept showing its last successful read, which looked like a normal quiet day. Without this alert, the merchant might have spent days trusting numbers that had stopped updating. The refresh failure is the only signal that the data behind the other cards has frozen.
- Three attempts then a hard alert. The connector retried the refresh a few times in case the cause was transient, a brief Square outage clears itself. When the retries also failed with
unauthorized, the cause was clearly the grant itself, not the network, so the alert escalated immediately. - The fix is a reconnect, not a retry. An invalid refresh token cannot be revived by retrying. Someone with access to the Vortex IQ workspace needs to reconnect Square through the connector settings, which runs a fresh OAuth grant and issues a new token pair. Until then, ingest stays paused.
Sibling cards merchants should reference together
| Card | Why pair it with OAuth Token Refresh Failure |
|---|---|
| Total Revenue | The headline that goes stale first. If revenue looks suspiciously flat, check this card before assuming a real slowdown. |
| Total Orders | A frozen token freezes order ingest. A sudden plateau in order volume with no demand-side cause is a classic symptom of a refresh failure. |
| Active Locations | If location data stops updating, the location context behind every per-location card is stale. This card explains why. |
| POS to Online Inventory Drift Alert | Inventory alerts depend on fresh data. A paused ingest means drift and oversell could be building unseen. Restoring the token restores those safeguards. |
| Oversell Risk (negative on-hand projected) | Same reason. A stale connection blinds the oversell projection, so a token failure is also an inventory-safety failure. |
Reconciling against Square
Where to look in the Square Dashboard: Square Dashboard, Settings, Account & Settings, Connected apps / App integrations. Confirm that the Vortex IQ connection is still present and authorised, and that no one has revoked it. If the connection is missing or shows reduced permissions, that explains anunauthorized refresh failure. Developers can also review token and webhook activity in the Square Developer Dashboard for the application.
Other places that look relevant but aren’t the fix:
- Connected apps list: this is where you confirm the grant still exists. If the app was removed, reconnect from the Vortex IQ side.
- Square Developer Dashboard, OAuth: shows the application’s OAuth configuration and recent token activity. Useful for diagnosis, but the reconnect happens in your Vortex IQ workspace.
- Square status page: rules out a Square-side outage as the cause of a transient failure.
- Square Dashboard, Sales reports: confirms Square still has the data, which proves the gap is on the ingest side, not the merchant side.
| Reason | Direction of divergence |
|---|---|
| Transient Square outage. A brief API issue during the refresh window can fail a refresh even though the grant is valid. | Self-resolves; the next successful refresh clears the alert |
| Revoked grant. The merchant disconnected the app or changed scopes in Connected apps; Square is healthy but the token is gone. | Requires a reconnect from Vortex IQ |
| Rotated app credentials. If the application’s client secret was rotated, existing refresh tokens can be invalidated. | Requires a reconnect |
| Clock or retry timing. A refresh attempted right at the expiry boundary can fail and succeed on the next attempt. | Self-resolves on retry |
| Card | Expected relationship | What causes legitimate divergence |
|---|---|---|
| Any Square Online card | All depend on a valid token | Every Square card shares the same connection token. A single refresh failure stales them all simultaneously, which is why this card is treated as the connection’s heartbeat. |
shopify.oauth-token-refresh-failure | Same failure mode, different platform | Shopify tokens have different lifetimes and refresh mechanics. The concept is identical: a silent auth failure stops ingest. |