Changing Access token permission

we have an application which has integrated sendbird chat and we have decided to create separate project for the chat using same sendbird application. The old chat was allowing users read&write without access token, the new chat should deny login without access token. While developing the new project we have two use both chat applications. It means same user can connect with and without token. Therefore Access token permission we left as read&write.

And now we have a problem if new chat issues token for user, that user can not connect to old chat. We tried to revoke all tokens for that users but he still cannot connect. We don’t want to do any improvements for old chat. How we can make that user be able to join the old chat? Also, maybe you can suggest what is the best way to do this migration.


Hi @Siggg,

Welcome to the Sendbird Community. This is actually expected behavior. Once an access token has been generated for a user, they must always connect using that access token. Regardless of whether the security setting is read&write. Access tokens can not be completely revoked. They can only be revoked and re-issued. In order for users to join the old chat, you would need to have them connect with the access token.

As far as best practice, I’m not sure there is one here. Two different end applications connecting to the same Sendbird application is not uncommon but what is uncommon is each app having different security requirements. It may be best just to loop through your user base and issue accessTokens for all, and implement a way for both apps to utilize the accessToken.