BugWP logo BugWP
Back to Community
Home / Community / PluginExactmetrics – google analytics dashboard for wordpress (website stats plugin)

Understanding and Solving the Google OAuth 25-Site Limit in ExactMetrics

19 threads Sep 10, 2025 PluginExactmetrics – google analytics dashboard for wordpress (website stats plugin)

Content

If you manage multiple WordPress sites with the ExactMetrics plugin, you may have encountered a frustrating issue: sites frequently becoming unlinked and requiring re-authentication. This is a common problem rooted in a Google-imposed limitation, not a bug in the plugin itself. This guide explains the cause and outlines the most effective solutions.

The Core Problem: Google's OAuth Token Limit

The primary issue stems from a restriction Google places on all user accounts. A single Google account can only have a limited number of active OAuth 2.0 refresh tokens for a given application or service. According to discussions and official plugin support, this limit is 25 tokens per Google user account.

This means that when you authorize the ExactMetrics plugin on a WordPress site, it consumes one of these 25 tokens. When you authorize a 26th site, it invalidates the token for the first site you authorized, causing it to become unlinked. This behavior repeats, creating a cycle of deauthorization.

Important Note: This limit is per Google user account, not per Google Analytics account. It is a universal restriction applied by Google's authentication system and affects any service that uses OAuth, not just ExactMetrics.

Why This Happens

Google enforces this limit for security reasons. It helps prevent the indefinite accumulation of authorized applications and reduces the potential impact if a user's account is compromised. Unfortunately, for web professionals managing large numbers of client sites, this can create a significant administrative burden.

Common Solutions and Workarounds

Based on community discussions and solutions provided by the ExactMetrics team, here are the most effective strategies for overcoming this limitation.

1. Use a WordPress Multisite Network (Recommended)

This is often the most efficient solution. In a WordPress Multisite (network) setup, the plugin only requires a single authorization for the entire network. The network administrator authorizes the plugin once and then assigns Analytics properties to each individual subsite from a central dashboard. This method uses only one token, completely bypassing the 25-site limit.

2. Create Additional Google Accounts

For those not using Multisite, a practical workaround is to distribute your sites across multiple Google accounts. For example, you could:

  • Use one Google account to authorize plugins on sites 1-25.
  • Use a second Google account to authorize plugins on sites 26-50.
  • Continue this pattern for additional sites.

You would need to grant each Google account access to the appropriate Analytics properties via the Google Analytics user management settings.

3. Delegate Authorization to Clients

If you are managing sites for clients, the ideal solution is to have each client authorize the plugin with their own Google account. You would first grant their Google account access to their site's Analytics property. They would then complete the authentication process within their own WordPress dashboard. This method places zero tokens against your personal account.

Multisite-Specific Considerations

If you opt for the Multisite solution, be aware of two other known considerations:

  • Site Display Limit: The network settings panel may only display 100 subsites by default. This can be increased by adding a custom filter to your theme's functions.php file:
    add_filter('gadwp_sites_limit', function() { return 500; });
  • PHP Version Compatibility: Some users on PHP 7.0 have reported bugs with saving network settings. If you encounter this, temporarily downgrading to PHP 5.6 or ensuring your plugin is updated to the latest version may resolve the issue.

Conclusion

The constant need to re-authorize ExactMetrics across many sites is a challenging problem, but it is solvable. The 25-token limit is a Google account security feature, not a flaw in the plugin. The most robust solution is to implement a WordPress Multisite network. For those managing client sites, delegating the authorization process to the clients themselves is the most sustainable approach long-term.

Related Support Threads Support