generated OAuth acces_token expires after 24 hours
hello,
The complete OAuth 2.0 authorization grant flow could be performed without errors.
Step 1: Receive authorization code and tenant ID
Step 2: With https://community.xxxxxx.xxx/api/2.0/auth/validateToken and the required header and body parameters access_token, refresh_token and user-id were returned.
Step 3: https://community.xxxxxx.xxx/api/2.0/auth/refreshToken provided a new acces_token with which I can also perform LIQL queries.
However, the acces_token expires after 24 hours, so i have to call https://community.xxxxxx.xxx/api/2.0/auth/refreshToken again.
Where is the error?
Hi HuttropFatty ,
This is by design. Per https://developer.khoros.com/khoroscommunitydevdocs/docs/oauth-authorization-grant :
The access token is valid for 24 hours. Refresh the access token before the access token expires. The refresh token does not expire unless it is specifically revoked.
You may wish to add some retry logic to your implementation. If you get a response back that the access token has expired, you can make a call to the refresh token endpoint and get a new access token. Then you can retry your original request again.
Alternately, you could just add some logic to periodically obtain a new access token on some interval less than 24 hours.
I hope this helps!