0

I thought this was discussed somewhere, but I can't find the thread.

I've updated my authorization to the one you gave me Dani. If I now start my DwArticleWatch after a while (about 2 hours, but unconfirmed) I get an error message that curl failed. I think the access token has timed out at that point (or the session associated with it). If I reload the authorization page, and go back to the watch, it works again. Do I need to implement a refresh method? Looks like it breaks earlier then the mentioned 24 hours.

Edited by pritaeas

2
Contributors
4
Replies
36
Views
3 Years
Discussion Span
Last Post by Dani
0

You need to give me something to reproduce. However, without looking at anything, this is the flow:

  • Make request to /api/oauth
  • Depending on if end-user previously authorized at any time in the past, they will be asked to authorize and then you'll get a code, or you'll just directly get a code
  • Code can be exchanged only one-time for access token and refresh token with call to /api/access_token; Access token has 24 hour lifespan and refresh token has infine lifespan (unless end-user manually revokes it)
  • Subsequent calls to /api/access_token allow you to exchange your permanent refresh token for an access token whenever you need it; Each access token is good for 24 hours; Refresh tokens have infinite lifespans and can be exchanged at any time, as many times as you need
0

Haven't used the refresh token yet, and the code is still running. So never mind for now.

0

You only need to use the refresh token for offline apps (when you need access to an active access token at a time when the user is not online and you can't send them through the flow).

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.