Symptoms

When allowing the browser to save passwords and using the same SugarCRM Administrator "Integration User" within the General Settings, the browser will attempt to pre-populate the "Refresh Token" field with the SugarCRM User's password. This can overwrite an existing valid Refresh Token that is already being stored. When clicking the "Save" button, an error will occur:

"ENDPOINT OR REFRESH TOKEN ARE INCORRECT AND HAVE BEEN DROPPED !!! SPECIFY CORRECT ENDPOINT AND REFRESH TOKEN !!!"

Resolving the problem

Preventing the problem

Refrain from saving the password for the SugarCRM Administrator "Integration User" in your browser settings. If you do, expect that when you access the General Settings, the Refresh Token will be overwritten and you'll need to re-enter the Refresh Token and possibly the Endpoint URL.