Read through the following topic if you are experiencing Refresh Token overwritten issues in SugarCRM
When allowing the browser to save passwords and using the same SugarCRM Administrator "Integration User" within the General Settings, the browser will attempt to pre-populate the "Refresh Token" field with the SugarCRM User's password. This can overwrite an existing valid Refresh Token that is already being stored. When clicking the "Save" button, an error will occur:
"ENDPOINT OR REFRESH TOKEN ARE INCORRECT AND HAVE BEEN DROPPED !!! SPECIFY CORRECT ENDPOINT AND REFRESH TOKEN !!!"
Resolving the problem
- Re-save the Refresh Token field with a valid token.
- You may also need to re-enter the Endpoint URL.
Preventing the problem
Refrain from saving the password for the SugarCRM Administrator "Integration User" in your browser settings. If you do, expect that when you access the General Settings, the Refresh Token will be overwritten and you'll need to re-enter the Refresh Token and possibly the Endpoint URL.