API02008: Refresh Token Invalid
What This Means
The refresh token stored by the POS is not recognized by the server. Refresh tokens are used to obtain new access tokens without requiring you to log in again.
Common Causes
- Token revoked — An administrator invalidated your session
- Server secrets changed — WordPress security keys were updated
- Data corruption — The token was corrupted in storage
- Multiple logins — Logging in elsewhere may have invalidated this token
How to Fix
1. Log In Again
Since the refresh token is invalid, you'll need to authenticate again:
- Log out of the POS
- Enter your username and password
- This generates new valid tokens
2. Check for Revoked Sessions
If an admin revoked sessions:
- This is normal security practice
- Simply log in again
- Your new session will work normally
3. Check Server Changes
If this affects all users:
- WordPress salts/keys may have changed
- JWT plugin settings may have been modified
- Contact your server administrator
4. Clear Stored Data
If you continue having issues:
- Clear the POS application data
- Remove cached credentials
- Start with a clean login