Box OAuth access token and refresh token- Standard practice
Hello,
I am working on requirement where we have to access file from box and save it to some other application, Platform team has asked us to use OAuth 2.0 authentication (No JWT authentication). I am able to access box using OAuth Access token and refresh token. My question is,how can I make sure that my code will work after 60 days. I know that refresh token is valid for next 60 days. Can I create new access and refresh token from old token with each request? What is standard practice box suggests for this kind of requirement?
Thanks in advance,
Kiran
-
At least in the SDK .NET, the one that I'm using, there's a method call ExchangeRefreshToken with this:
/// Refresh token used to exchange for a new access token. Each refresh_token is valid for one use in 60 days. Every time you get a new access_token by using a refresh_token, we reset your timer for the 60 day period and hand you a new refresh_token
So it looks like there's a way to use the actual refresh token, to renew the 60 days and get a new refresh token using the old one.
But I'm confused now because the last post is coming from a person that works in the company and is saying there's no way to do this, so I don't know.
サインインしてコメントを残してください。
コメント
4件のコメント