-
Notifications
You must be signed in to change notification settings - Fork 79
How to get new token after 1 hour programtically? #506
Comments
When you request the initial access token, it will come with a refresh token. You can use that later to renew the access token once (or just before) it expires. More information is available in the Web API Authorization Guide under steps 5 and 7 of the Authorization Code Flow. |
@jscholes is correct - you need to use refresh tokens. The authorization guide he linked should walk you through that. |
@jscholes can I make the request for a new access token in the client side ? |
To refresh an access token using a previously-obtained refresh token, you need to send your application's client ID and client secret in the Authorization header of the request to the /api/token endpoint. Therefore, you should probably perform the request server-side to prevent the client secret being made available to your users. But yes, you can refresh the token client-side if you decide that's appropriate. Once an access token has expired, it can no longer be used. If you're running a web application in a user's browser, you'll need to find a way to refresh the access token when necessary. How you go about that is up to you, but there should be no need for the user to refresh the page to accomplish it if you don't want them to have to do so. |
I am trying to find an endpoint but can not find it. Any pointer on this?
The text was updated successfully, but these errors were encountered: