diff --git a/app/core/src/main/java/com/fsck/k9/controller/MessagingController.java b/app/core/src/main/java/com/fsck/k9/controller/MessagingController.java
index e654e6d06628534aa51bb56f69f617e54e7fc8d0..63ec65eff5d7892ddf7926747fc34123d10fbf00 100644
--- a/app/core/src/main/java/com/fsck/k9/controller/MessagingController.java
+++ b/app/core/src/main/java/com/fsck/k9/controller/MessagingController.java
@@ -2578,7 +2578,7 @@ public class MessagingController {
             return true;
         }
 
-        EeloAccountHelper.INSTANCE.updateOAuthStateIfMissing(context, preferences, account);
+        EeloAccountHelper.INSTANCE.updateOAuthState(context, preferences, account);
         return serverSettings.authenticationType == AuthType.XOAUTH2 && account.getOAuthState() == null;
     }
 
diff --git a/app/core/src/main/java/com/fsck/k9/job/MailSyncWorker.kt b/app/core/src/main/java/com/fsck/k9/job/MailSyncWorker.kt
index b9f01eb33699c144dc8f6d179853616d202de8ce..3b317628df7a188a241afee45a561566bcffcc2f 100644
--- a/app/core/src/main/java/com/fsck/k9/job/MailSyncWorker.kt
+++ b/app/core/src/main/java/com/fsck/k9/job/MailSyncWorker.kt
@@ -46,7 +46,7 @@ class MailSyncWorker(
             return Result.success()
         }
 
-        EeloAccountHelper.updateOAuthStateIfMissing(context, preferences, account)
+        EeloAccountHelper.updateOAuthState(context, preferences, account)
         if (account.incomingServerSettings.authenticationType == AuthType.XOAUTH2 && account.oAuthState == null) {
             Timber.d("Account requires sign-in. Skipping mail sync.")
             return Result.success()
diff --git a/app/core/src/main/java/com/fsck/k9/setup/EeloAccountHelper.kt b/app/core/src/main/java/com/fsck/k9/setup/EeloAccountHelper.kt
index 2af9c115524afdc12987eaa2d262c8b127217583..10b69fbe9ed9866d7b8792eeca12fa6088ee11e2 100644
--- a/app/core/src/main/java/com/fsck/k9/setup/EeloAccountHelper.kt
+++ b/app/core/src/main/java/com/fsck/k9/setup/EeloAccountHelper.kt
@@ -16,44 +16,47 @@
 
 package com.fsck.k9.setup
 
+import android.accounts.Account as OsAccount
+import android.accounts.AccountManager as OsAccountManager
 import android.content.Context
 import com.fsck.k9.Account
 import com.fsck.k9.mail.AuthType
 import com.fsck.k9.preferences.AccountManager
-import android.accounts.AccountManager as OsAccountManager
-import android.accounts.Account as OsAccount
 import timber.log.Timber
 
 object EeloAccountHelper {
 
     /**
-     * to support backward-compatibility.
-     * In previous versions google accounts loaded from accountManager doesn't store oAuthState in the db.
-     * This method check if the oAuthState is missing or not, if missing, update the oAuthState
+     * Update oAuthState for google accounts which is logged in using accountManager
+     * @return is the update operation successful or not
      */
-    fun updateOAuthStateIfMissing(context: Context, accountManager: AccountManager, account: Account?) {
+    fun updateOAuthState(context: Context, accountManager: AccountManager, account: Account?): Boolean {
         // check params
         if (account == null) {
             Timber.w("updating OAuthState failed, account is null")
-            return
+            return false
         }
 
         // validation
-        if (account.incomingServerSettings.authenticationType != AuthType.XOAUTH2 || account.oAuthState != null) {
+        if (account.incomingServerSettings.authenticationType != AuthType.XOAUTH2) {
             Timber.w("updating oAuthState failed, not oauth2 authType")
-            return
+            return false
         }
 
         val osAccountManager = OsAccountManager.get(context)
-        val googleAccount = retrieveGoogleAccountFromAccountManager(osAccountManager, account.email) ?: return
+        val googleAccount = retrieveGoogleAccountFromAccountManager(osAccountManager, account.email) ?: return false
         account.oAuthState = osAccountManager.getUserData(googleAccount, AccountManagerConstants.KEY_AUTH_STATE)
-        if (account.oAuthState != null) {
-            accountManager.saveAccount(account)
-        }
+        accountManager.saveAccount(account)
+        return true
     }
 
     // If token is updated by mail, also update the accountManager
-    fun updateAccountInAccountManager(context: Context?, account: OsAccount?, authState: String?, accessToken: String?) {
+    fun updateAccountInAccountManager(
+        context: Context?,
+        account: OsAccount?,
+        authState: String?,
+        accessToken: String?
+    ) {
         if (context == null || account == null || authState == null || accessToken == null) {
             Timber.w("updating account for accountManager failed, invalid param.")
             return
diff --git a/app/k9mail/src/main/java/com/fsck/k9/backends/RealOAuth2TokenProvider.kt b/app/k9mail/src/main/java/com/fsck/k9/backends/RealOAuth2TokenProvider.kt
index f57748eb3cb2003102584a044db0404e74b0f8fe..aafea74f4cbf6b85df11d1abfd56d6c3cf5b8018 100644
--- a/app/k9mail/src/main/java/com/fsck/k9/backends/RealOAuth2TokenProvider.kt
+++ b/app/k9mail/src/main/java/com/fsck/k9/backends/RealOAuth2TokenProvider.kt
@@ -25,8 +25,13 @@ class RealOAuth2TokenProvider(
     private var requestFreshToken = false
 
     override fun getToken(email: String, timeoutMillis: Long): String {
+        // if the authState is retrieved from accountManager, then return it. Refresh will be handled by accountManager.
+        if (EeloAccountHelper.updateOAuthState(context, accountManager, account)) {
+            return account.oAuthState?.let { AuthState.jsonDeserialize(it) }?.accessToken
+                ?: throw AuthenticationFailedException("Login required")
+        }
+
         val accountManagerAccount = EeloAccountHelper.retrieveGoogleAccountFromAccountManager(context, email)
-        EeloAccountHelper.updateOAuthStateIfMissing(context, accountManager, account)
 
         val latch = CountDownLatch(1)
         var token: String? = null