How to keep OAuth alive
Hi!
I'm writing a Windows 10 UWP to access Box, and after a user has granted permissions to my app through the OAuth flow, I want to save something so that the next time they run my app, they don't need to authenticate.
I tried saving the authCode, but the next time I run my app and use it, even if it is immediately afterwards, it says code expired. How to do this?
Also if I keep the BoxClient around in memory, is there a time limit on how long I can use it during one invocation of my app (ie does it auto refresh its tokens)?
Cheers,
Paul
-
When they authenticate, you'll get an auth token and a refresh token via the redirect URI. You can bank that in a keystore. The next time your app needs to establish a Box connection, use the tokens from the keystore. When successfully authenticated, you'll get a fresh pair of tokens that you can sock away for next time. The refresh token is good for 60 days--if you go longer than that, then you'll have to go through the manual authentication process again. Depending on which SDK you're using, you can provide keystore functions that will be automatically called when your token expires (they last an hour).
Please sign in to leave a comment.
Comments
1 comment