.NET SDK -- Where is my refresh token?
AnsweredI keep reading that I am responsible for retrieving and saving a Refresh Token. And then I read in some posts that the SDK handles that behind the scenes. So, I'm confused.
Here's what I'm using to test uploading files:
public BoxClient CreateAccessClient(string tokenFilePath) { BoxClient result = null; // Open a stream to read and dispose of the automatically created Box configuration file. using (FileStream fs = new FileStream(tokenFilePath, FileMode.Open, FileAccess.Read)) { // Initialize the SDK with the Box configuration file and create a client that uses the Service Account. var session = new BoxJWTAuth(BoxConfig.CreateFromJsonFile(fs)); result = session.AdminClient(session.AdminToken()); } return result; }
I'm using the JSON file I downloaded when I created my App. I understand I'm using my App's Service Account (on a Developer's account) for access and this appears to be working OK for uploading and getting shared links. But, I'm not seeing a Refresh Token. In looking at the debug information for the client I create above, I see a RefreshToken variable in BoxClient.Auth.Session.RefreshToken, but it's null. And I do see my access token has a lifetime of 60 minutes.
Do I assume correctly that in 60 days from the time I created my App account, I won't be able to connect anymore? If so, what do I need to change. Thanks!
-
Since you are authenticating with JWT, not getting a refresh token is expected. I'll explain in more detail below.
We have two main authentication types: OAuth2 and JWT
- With OAuth2, when you request a new API token you get an access token that expires in 60 minutes and a refresh token that expires in 60 days. The refresh token can only be used once to get a new access token, and when you use the refresh token our API will send back a new refresh token.
- With JWT, there is no refresh token to manage. You use your existing JWT credentials to get a new access token. This gives your application persistent access to the Box enterprise that authorized your application.
Please let me know if that answers your question?
Please sign in to leave a comment.
Comments
5 comments