Client Credentials Grant Expiration Time
Hello,
I am authenticating with the Box API via JWT using a Client Credentials Grant (https://developer.box.com/guides/authentication/jwt/without-sdk/#client-credentials-grant). The response looks like below:
{"access_token":"<REDACTED>","expires_in":4102,"restricted_to":[],"token_type":"bearer"}
What unit is the expires_in field? Are these the seconds until the access_token expires?
Official comment
Hi Wesley,
That's correct, expires_in will be the time in seconds until token expiration. You can see more detail about the token object response over here.
- Jon
Thanks for the response Jon. Follow up question:
The documentation you sent me has a refresh token as a part of the response payload, but mine does not. I am using the client credentials grant to obtain a JWT and the response looks like this:
{"access_token":"<REDACTED>","expires_in":4102,"restricted_to":[],"token_type":"bearer"}
How would I refresh this token once it expires?
Thanks,
Hi Wesley,
The reference guide can be a bit confusing in this instance because it incorporates all possible options / values for all of our different auth types. Here's what you'll need to know for client credential grant.
The payload that you're seeing doesn't include a refresh token, like what you would see within standard OAuth 2 (when a user signs in to grant your app permissions). With those app types you would call the refresh token endpoint using that refresh token.
In your case, it's easier - when the token expires just call the same request access token endpoint that you did to get the first access token, which will give you a new one to use.
- Jon
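The renewal approach described in the reply above, sketched as an added example (not part of the original thread and not Box's own code): a small cache that treats expires_in as seconds and calls the same token request again once it has elapsed. The class name, the `fetch_token` callable, the 60-second early-renewal margin and the fake endpoint are assumptions made for illustration; the response shape is the one shown in the question.

```python
import time
from typing import Callable, Optional


class ClientCredentialsTokenCache:
    """Caches an access token and re-requests it once expires_in has elapsed."""

    def __init__(self, fetch_token: Callable[[], dict], skew_seconds: int = 60,
                 clock: Callable[[], float] = time.monotonic):
        self._fetch_token = fetch_token  # hypothetical: performs the token request
        self._skew = skew_seconds        # renew slightly early to absorb latency
        self._clock = clock              # monotonic: unaffected by wall-clock changes
        self._token: Optional[str] = None
        self._expires_at = 0.0

    def get(self) -> str:
        """Return a valid token, requesting a new one if the cached one expired."""
        if self._token is None or self._clock() >= self._expires_at:
            self._renew()
        return self._token

    def _renew(self) -> None:
        # No refresh token exists for this grant: repeat the original request.
        requested_at = self._clock()
        resp = self._fetch_token()
        token, ttl = resp.get("access_token"), resp.get("expires_in")
        if not isinstance(token, str) or not token:
            raise ValueError("token response has no access_token")
        if isinstance(ttl, bool) or not isinstance(ttl, (int, float)) or ttl <= 0:
            raise ValueError("token response has no usable expires_in")
        self._token = token
        # Count the lifetime from before the request, so it is never overestimated.
        self._expires_at = requested_at + max(ttl - self._skew, 0)


def make_fake_endpoint():
    """Constructed stand-in for the token endpoint so the example runs offline."""
    calls = {"n": 0}

    def fetch() -> dict:
        calls["n"] += 1
        return {"access_token": f"constructed-token-{calls['n']}",
                "expires_in": 4102, "restricted_to": [], "token_type": "bearer"}
    return fetch, calls


if __name__ == "__main__":
    now = [0.0]                          # fake clock, in seconds
    fetch, calls = make_fake_endpoint()
    cache = ClientCredentialsTokenCache(fetch, clock=lambda: now[0])
    first = cache.get()
    now[0] = 4042.0                      # 4102 s lifetime minus 60 s margin
    print(first != cache.get(), calls["n"])
```
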