Box Node API : Token Expired on prod
Answered
Hi,
I am using the basicClient with a never expiring token to set up my box client on Node:
const client = BoxSDK.getBasicClient(process.env.BOX_TOKEN);
And I am able to get both embed and download URLs locally. However, when I deploy to GCP, I keep getting the following errors (even though I have set the proper BOX_TOKEN in my production secrets):
Expired Auth: Auth code or refresh token has expired [401 Unauthorized
And I am able to get both embed and download URLs locally. However, when I deploy to GCP, I keep getting the following errors (even though I have set the proper BOX_TOKEN in my production secrets):
Expired Auth: Auth code or refresh token has expired [401 Unauthorized
Relevant Headers:
statusCode: 401,
'www-authenticate': 'Bearer realm="Service", error="invalid_token", error_description="The access token provided is invalid."'
'BOX-REQUEST-ID',
'0e4b406acf7dcc138ab7e055d3a9bf4f3'
authExpired: true
I am using the same token with a rails backend and it is working fine.
Any ideas what could be going on?
statusCode: 401,
'www-authenticate': 'Bearer realm="Service", error="invalid_token", error_description="The access token provided is invalid."'
'BOX-REQUEST-ID',
'0e4b406acf7dcc138ab7e055d3a9bf4f3'
authExpired: true
I am using the same token with a rails backend and it is working fine.
Any ideas what could be going on?
-
Hi Adam,
With all Box tokens, they will inevitably expire. Typically with most tokens (e.g. JWT, developer token, OAuth 2 token) that will be 60 minutes before it needs to be refreshed. When using the basic client I believe what might be happening is that the token is expiring and the Node SDK might not be able to handle the automatic refresh for you.
For instance, if you're using a developer token then that token will expire after an hour and will not be able to be programmatically refreshed. All other tokens will need to be refreshed after that 60min period.
Hope that helps.
Please sign in to leave a comment.
Comments
1 comment