Using multiple access tokens in one Box appliction for a unique "AccessTokenCacheKey"
回答済み
I am making use of Box Java SDK for creating my box application. In Box platform (BoxDeveloperEditionAPIConnection), do we have any merit to use more than two access tokens for a unique "AccessTokenCacheKey"?
In InMemoryLRUAccessTokenCache implementation, only one active access token is cached for the unique key. Does that mean, using multiple access tokens for one AppUser in the same application are meaningless in Box platform? For example, Is API call limitation (1 sec window and 24 hours window) applied to not a unit of access token but a unit of AppUser?
If there is any merit to use multiple access tokens for one AppUser, I am thinking to create own cache implementation so any information would be appreciated.
-
Thanks for replying. As long as I checked, Box platform is possible to provide multiple access tokens for one AppUser.
That is impossible in standard Box OAuth2 application which provides a pair of access token and refresh token. Once a refresh token is used, new access token is provided then the access token is used by app, old access token became expired. However, even if I request new access token for the AppUser for whom I already requested an access token, these two access tokens are active and I was able to use both. So, it is possible to have multiple access tokens concurrently for one AppUser in Box Platform.
So, I had the question to have multiple access tokens for one AppUser and if there is any benefit to do it.
-
My earlier reply was incorrect. Sorry for the confusion!
The results you are seeing is the expected behavior. Here are some notes about the App User access token from our PM team:
- You can generate as many App User access tokens as needed.
- Each token is independent and has its own expiration of 60 minutes.
- This lets you have different tokens for different clients.
サインインしてコメントを残してください。
コメント
5件のコメント